Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
Description:
A framework for constructing recognizers, compilers,
and translators from grammatical descriptions containing
Java, C#, C++, or Python actions.
License:
BSD License: http://www.antlr.org/license.htmlFile Path: C:\Users\Tamara\.m2\repository\antlr\antlr\2.7.7\antlr-2.7.7.jar
Description: AOP Alliance
License:
Public DomainFile Path: C:\Users\Tamara\.m2\repository\aopalliance\aopalliance\1.0\aopalliance-1.0.jar
File Path: C:\Users\Tamara\.m2\repository\asm\asm-analysis\3.2\asm-analysis-3.2.jar
MD5: 3bdf5175cd29999eed4b4c36543a1cb2
SHA1: c624956db93975b7197699dcd7de6145ca7cf2c8
File Path: C:\Users\Tamara\.m2\repository\asm\asm-commons\3.3.1\asm-commons-3.3.1.jar
MD5: 5d9db6be0c31d0d895ad91af241e6fd2
SHA1: fae85e673c73f6f45386dbbcc2ae3aa6398a773f
File Path: C:\Users\Tamara\.m2\repository\asm\asm-tree\3.3.1\asm-tree-3.3.1.jar
MD5: c01f93f2455473a97ee3f8ffa103d613
SHA1: c9723d887e26c3049944e46312bb39e7ab1a2ed2
File Path: C:\Users\Tamara\.m2\repository\asm\asm-util\3.2\asm-util-3.2.jar
MD5: d11e6d8b991c3a2e7a13d479c5e733e8
SHA1: 37ebfdad34d5f1f45109981465f311bbfbe82dcf
File Path: C:\Users\Tamara\.m2\repository\asm\asm\3.3.1\asm-3.3.1.jar
MD5: 1ad1e8959324b0f680b8e62406955642
SHA1: 1d5f20b4ea675e6fab6ab79f1cd60ec268ddc015
File Path: C:\Users\Tamara\.m2\repository\avalon-framework\avalon-framework\4.1.3\avalon-framework-4.1.3.jar
MD5: bef9f9be8ba066273fdef72b3503a307
SHA1: 92315ee1c4a4c90bee05055713811f28f8509075
Description: Dawid Kurzyniec's backport of JSR 166
License:
Public Domain: http://creativecommons.org/licenses/publicdomainFile Path: C:\Users\Tamara\.m2\repository\backport-util-concurrent\backport-util-concurrent\3.1\backport-util-concurrent-3.1.jar
Description: logback-core module
License:
http://www.eclipse.org/legal/epl-v10.html, http://www.gnu.org/licenses/old-licenses/lgpl-2.1.htmlFile Path: C:\Users\Tamara\.m2\repository\ch\qos\logback\logback-core\1.1.11\logback-core-1.1.11.jar
File Path: C:\Users\Tamara\.m2\repository\classworlds\classworlds\1.1\classworlds-1.1.jar
MD5: c20629baa65f1f2948b37aa393b0310b
SHA1: 60c708f55deeb7c5dfce8a7886ef09cbc1388eca
Description: Library for introspecting types with full generic information
including resolving of field and method types.
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\com\fasterxml\classmate\1.3.3\classmate-1.3.3.jar
Description: Core annotations used for value types, used by Jackson data binding package.
License:
http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\com\fasterxml\jackson\core\jackson-annotations\2.8.0\jackson-annotations-2.8.0.jar
Severity:
Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:P/A:N)
CWE: CWE-918 Server-Side Request Forgery (SSRF)
XmlMapper in the Jackson XML dataformat component (aka jackson-dataformat-xml) before 2.7.8 and 2.8.x before 2.8.4 allows remote attackers to conduct server-side request forgery (SSRF) attacks via vectors related to a DTD.
Vulnerable Software & Versions:
Description: Core Jackson abstractions, basic JSON streaming API implementation
License:
http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\com\fasterxml\jackson\core\jackson-core\2.8.8\jackson-core-2.8.8.jar
Severity:
Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:P/A:N)
CWE: CWE-918 Server-Side Request Forgery (SSRF)
XmlMapper in the Jackson XML dataformat component (aka jackson-dataformat-xml) before 2.7.8 and 2.8.x before 2.8.4 allows remote attackers to conduct server-side request forgery (SSRF) attacks via vectors related to a DTD.
Vulnerable Software & Versions:
Description: JSR305 Annotations for Findbugs
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\com\google\code\findbugs\jsr305\2.0.1\jsr305-2.0.1.jar
Description: Google Collections Library is a suite of new collections and collection-related goodness for Java 5.0
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\com\google\collections\google-collections\1.0\google-collections-1.0.jar
Description:
Guava is a suite of core and expanded libraries that include
utility classes, google's collections, io classes, and much
much more.
Guava has only one code dependency - javax.annotation,
per the JSR-305 spec.
License:
http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\com\google\guava\guava\18.0\guava-18.0.jar
Description: Java port of Stefan Goessner JsonPath.
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\com\jayway\jsonpath\json-path\2.2.0\json-path-2.2.0.jar
Description: istack common utility code
License:
https://glassfish.java.net/public/CDDL+GPL_1_1.html, https://glassfish.java.net/public/CDDL+GPL_1_1.htmlFile Path: C:\Users\Tamara\.m2\repository\com\sun\istack\istack-commons-runtime\2.16\istack-commons-runtime-2.16.jar
Description: JAXB (JSR 222) reference implementation - core classes
License:
CDDL 1.1: https://glassfish.java.net/public/CDDL+GPL_1_1.html GPL2 w/ CPE: https://glassfish.java.net/public/CDDL+GPL_1_1.htmlFile Path: C:\Users\Tamara\.m2\repository\com\sun\xml\bind\jaxb-core\2.2.7\jaxb-core-2.2.7.jar
Description: JAXB (JSR 222) Reference Implementation
License:
CDDL 1.1: https://glassfish.java.net/public/CDDL+GPL_1_1.html GPL2 w/ CPE: https://glassfish.java.net/public/CDDL+GPL_1_1.htmlFile Path: C:\Users\Tamara\.m2\repository\com\sun\xml\bind\jaxb-impl\2.2.7\jaxb-impl-2.2.7.jar
Description: JAXB (JSR 222) reference implementation - schema generator
License:
CDDL 1.1: https://glassfish.java.net/public/CDDL+GPL_1_1.html GPL2 w/ CPE: https://glassfish.java.net/public/CDDL+GPL_1_1.htmlFile Path: C:\Users\Tamara\.m2\repository\com\sun\xml\bind\jaxb-jxc\2.2.7\jaxb-jxc-2.2.7.jar
Description: JAXB (JSR 222) reference implementation - Schema compiler
License:
CDDL 1.1: https://glassfish.java.net/public/CDDL+GPL_1_1.html GPL2 w/ CPE: https://glassfish.java.net/public/CDDL+GPL_1_1.htmlFile Path: C:\Users\Tamara\.m2\repository\com\sun\xml\bind\jaxb-xjc\2.2.7\jaxb-xjc-2.2.7.jar
File Path: C:\Users\Tamara\.m2\repository\com\sun\xml\fastinfoset\FastInfoset\1.2.12\FastInfoset-1.2.12.jar
MD5: 3af394f8b98e3a921c0719ff1dc17614
SHA1: e8c1c096162a146c2d84135c5036edf54c1b1d38
Description:
JSON (JavaScript Object Notation) is a lightweight data-interchange format.
This is the org.json compatible Android implementation extracted from the Android SDK
License:
Apache License 2.0: http://www.apache.org/licenses/LICENSE-2.0File Path: C:\Users\Tamara\.m2\repository\com\vaadin\external\google\android-json\0.0.20131108.vaadin1\android-json-0.0.20131108.vaadin1.jar
Severity:
Medium
CVSS Score: 5.8 (AV:N/AC:M/Au:N/C:N/I:P/A:P)
CWE: CWE-200 Information Exposure
net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK segments, which makes it easier for remote attackers to hijack TCP sessions via a blind in-window attack.
Vulnerable Software & Versions: (show all)
Severity:
Low
CVSS Score: 3.3 (AV:A/AC:L/Au:N/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors
The get_option function in dhcpcd 4.0.0 through 6.x before 6.4.3 allows remote DHCP servers to cause a denial of service by resetting the DHO_OPTIONSOVERLOADED option in the (1) bootfile or (2) servername section, which triggers the option to be processed again.
Vulnerable Software & Versions: (show all)
Severity:
High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CWE: CWE-94 Improper Control of Generation of Code ('Code Injection')
java/android/webkit/BrowserFrame.java in Android before 4.4 uses the addJavascriptInterface API in conjunction with creating an object of the SearchBoxImpl class, which allows attackers to execute arbitrary Java code by leveraging access to the searchBoxJavaBridge_ interface at certain Android API levels.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:P/A:N)
CWE: CWE-310 Cryptographic Issues
The engineNextBytes function in classlib/modules/security/src/main/java/common/org/apache/harmony/security/provider/crypto/SHA1PRNG_SecureRandomImpl.java in the SecureRandom implementation in Apache Harmony through 6.0M3, as used in the Java Cryptography Architecture (JCA) in Android before 4.4 and other products, when no seed is provided by the user, uses an incorrect offset value, which makes it easier for attackers to defeat cryptographic protection mechanisms by leveraging the resulting PRNG predictability, as exploited in the wild against Bitcoin wallet applications in August 2013.
Vulnerable Software & Versions: (show all)
Severity:
High
CVSS Score: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
CWE: CWE-20 Improper Input Validation
WebKit in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2; Android before 2.2; and webkitgtk before 1.2.6; does not properly validate floating-point data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document, related to non-standard NaN representation.
Vulnerable Software & Versions: (show all)
Description: Commons CLI provides a simple API for working with the command line arguments and options.
File Path: C:\Users\Tamara\.m2\repository\commons-cli\commons-cli\1.0\commons-cli-1.0.jar
MD5: f6feeb3b3d95f7d09180fd71e96cead4
SHA1: 6dac9733315224fc562f6268df58e92d65fd0137
Description:
Commons CLI provides a simple API for presenting, processing and validating a command line interface.
License:
http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\commons-cli\commons-cli\1.2\commons-cli-1.2.jar
Description:
The Apache Commons Codec package contains simple encoder and decoders for
various formats such as Base64 and Hexadecimal. In addition to these
widely used encoders and decoders, the codec package also maintains a
collection of phonetic encoding utilities.
License:
http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\commons-codec\commons-codec\1.10\commons-codec-1.10.jar
Description: The HttpClient component supports the client-side of RFC 1945 (HTTP/1.0) and RFC 2616 (HTTP/1.1) , several related specifications (RFC 2109 (Cookies) , RFC 2617 (HTTP Authentication) , etc.), and provides a framework by which new request types (methods) or HTTP extensions can be created easily.
License:
Apache License: http://www.apache.org/licenses/LICENSE-2.0File Path: C:\Users\Tamara\.m2\repository\commons-httpclient\commons-httpclient\3.1\commons-httpclient-3.1.jar
Severity:
Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors
http/conn/ssl/SSLConnectionSocketFactory.java in Apache HttpComponents HttpClient before 4.3.6 ignores the http.socket.timeout configuration setting during an SSL handshake, which allows remote attackers to cause a denial of service (HTTPS call hang) via unspecified vectors.
Vulnerable Software & Versions:
Severity:
Medium
CVSS Score: 5.8 (AV:N/AC:M/Au:N/C:P/I:P/A:N)
org.apache.http.conn.ssl.AbstractVerifier in Apache HttpComponents HttpClient before 4.3.5 and HttpAsyncClient before 4.0.2 does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a "CN=" string in a field in the distinguished name (DN) of a certificate, as demonstrated by the "foo,CN=www.apache.org" string in the O field.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CWE: CWE-20 Improper Input Validation
http/conn/ssl/AbstractVerifier.java in Apache Commons HttpClient before 4.2.3 does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a certificate with a subject that specifies a common name in a field that is not the CN field. NOTE: this issue exists because of an incomplete fix for CVE-2012-5783.
Vulnerable Software & Versions: (show all)
Description:
Commons-IO contains utility classes, stream implementations, file filters, and endian classes.
File Path: C:\Users\Tamara\.m2\repository\commons-io\commons-io\1.3.2\commons-io-1.3.2.jar
MD5: 903c04d1fb5d4dc81d95e4be93ff7ecd
SHA1: b6dde38349ba9bb5e6ea6320531eae969985dae5
Description:
The Commons IO library contains utility classes, stream implementations, file filters,
file comparators, endian transformation classes, and much more.
License:
http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\commons-io\commons-io\2.4\commons-io-2.4.jar
Description: Commons Logging is a thin adapter allowing configurable bridging to other,
well known logging systems.
License:
The Apache Software License, Version 2.0: /LICENSE.txtFile Path: C:\Users\Tamara\.m2\repository\commons-logging\commons-logging-api\1.1\commons-logging-api-1.1.jar
Description: Commons Logging is a thin adapter allowing configurable bridging to other,
well known logging systems.
License:
The Apache Software License, Version 2.0: /LICENSE.txtFile Path: C:\Users\Tamara\.m2\repository\commons-logging\commons-logging\1.0.4\commons-logging-1.0.4.jar
Description: Commons Logging is a thin adapter allowing configurable bridging to other,
well known logging systems.
File Path: C:\Users\Tamara\.m2\repository\commons-logging\commons-logging\1.1.1\commons-logging-1.1.1.jar
MD5: ed448347fc0104034aa14c8189bf37de
SHA1: 5043bfebc3db072ed80fbd362e7caf00e885d8ae
Description: Commons Logging is a thin adapter allowing configurable bridging to other,
well known logging systems.
License:
The Apache Software License, Version 2.0: /LICENSE.txtFile Path: C:\Users\Tamara\.m2\repository\commons-logging\commons-logging\1.1\commons-logging-1.1.jar
Description: Apache Commons Logging is a thin adapter allowing configurable bridging to other,
well known logging systems.
License:
http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\commons-logging\commons-logging\1.2\commons-logging-1.2.jar
Description: dom4j: the flexible XML framework for Java
File Path: C:\Users\Tamara\.m2\repository\dom4j\dom4j\1.6.1\dom4j-1.6.1.jar
MD5: 4d8f51d3fe3900efc6e395be48030d6d
SHA1: 5d3ccc056b6f056dbf0dddfdf43894b9065a8f94
Description: Common Annotations for the JavaTM Platform API
License:
CDDL + GPLv2 with classpath exception: https://glassfish.dev.java.net/nonav/public/CDDL+GPL.htmlFile Path: C:\Users\Tamara\.m2\repository\javax\annotation\javax.annotation-api\1.2\javax.annotation-api-1.2.jar
Description: JSR-250 Reference Implementation by Glassfish
License:
COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0: https://glassfish.dev.java.net/public/CDDLv1.0.htmlFile Path: C:\Users\Tamara\.m2\repository\javax\annotation\jsr250-api\1.0\jsr250-api-1.0.jar
Description: APIs for JSR-299: Contexts and Dependency Injection for Java EE
File Path: C:\Users\Tamara\.m2\repository\javax\enterprise\cdi-api\1.0\cdi-api-1.0.jar
MD5: 462c0959f0322016495f4598243bc0f2
SHA1: 44c453f60909dfc223552ace63e05c694215156b
Description: The javax.inject API
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\javax\inject\javax.inject\1\javax.inject-1.jar
File Path: C:\Users\Tamara\.m2\repository\javax\servlet\servlet-api\2.3\servlet-api-2.3.jar
MD5: c097f777c6fd453277c6891b3bb4dc09
SHA1: 0137a24e9f62973f01f16dd23fc1b5a9964fd9ef
Description: Project GlassFish Java Transaction API
License:
CDDL + GPLv2 with classpath exception: https://glassfish.dev.java.net/nonav/public/CDDL+GPL.htmlFile Path: C:\Users\Tamara\.m2\repository\javax\transaction\javax.transaction-api\1.2\javax.transaction-api-1.2.jar
Description:
Bean Validation API
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\javax\validation\validation-api\1.1.0.Final\validation-api-1.1.0.Final.jar
Description: Java API for RESTful Web Services (JAX-RS)
License:
CDDL 1.1: http://glassfish.java.net/public/CDDL+GPL_1_1.html GPL2 w/ CPE: http://glassfish.java.net/public/CDDL+GPL_1_1.htmlFile Path: C:\Users\Tamara\.m2\repository\javax\ws\rs\javax.ws.rs-api\2.0.1\javax.ws.rs-api-2.0.1.jar
Description: JAXB (JSR 222) API
License:
CDDL 1.1: https://glassfish.java.net/public/CDDL+GPL_1_1.html GPL2 w/ CPE: https://glassfish.java.net/public/CDDL+GPL_1_1.htmlFile Path: C:\Users\Tamara\.m2\repository\javax\xml\bind\jaxb-api\2.2.7\jaxb-api-2.2.7.jar
Description:
StAX is a standard XML processing API that allows you to stream XML data from and to your application.
License:
GNU General Public Library: http://www.gnu.org/licenses/gpl.txt COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0: http://www.sun.com/cddl/cddl.htmlFile Path: C:\Users\Tamara\.m2\repository\javax\xml\stream\stax-api\1.0-2\stax-api-1.0-2.jar
Description:
JUnit is a regression testing framework written by Erich Gamma and Kent Beck. It is used by the developer who implements unit tests in Java.
License:
Common Public License Version 1.0: http://www.opensource.org/licenses/cpl1.0.txtFile Path: C:\Users\Tamara\.m2\repository\junit\junit\3.8.1\junit-3.8.1.jar
Description:
JUnit is a regression testing framework written by Erich Gamma and Kent Beck. It is used by the developer who implements unit tests in Java.
License:
Common Public License Version 1.0: http://www.opensource.org/licenses/cpl1.0.txtFile Path: C:\Users\Tamara\.m2\repository\junit\junit\3.8.2\junit-3.8.2.jar
Description: JUnit is a unit testing framework for Java, created by Erich Gamma and Kent Beck.
License:
Eclipse Public License 1.0: http://www.eclipse.org/legal/epl-v10.htmlFile Path: C:\Users\Tamara\.m2\repository\junit\junit\4.12\junit-4.12.jar
File Path: C:\Users\Tamara\.m2\repository\log4j\log4j\1.2.12\log4j-1.2.12.jar
MD5: 223504f742addd3f631ed8bdf689f1c9
SHA1: 057b8740427ee6d7b0b60792751356cad17dc0d9
Description: Apache Log4j 1.2
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\log4j\log4j\1.2.17\log4j-1.2.17.jar
File Path: C:\Users\Tamara\.m2\repository\logkit\logkit\1.0.1\logkit-1.0.1.jar
MD5: 32240100a5c15d53f00392fae4b0aab7
SHA1: aaf5649b523c5ffc925e746074979150bb74bfdc
Description: MySQL JDBC Type 4 driver
License:
The GNU General Public License, Version 2: http://www.gnu.org/licenses/old-licenses/gpl-2.0.htmlFile Path: C:\Users\Tamara\.m2\repository\mysql\mysql-connector-java\5.1.41\mysql-connector-java-5.1.41.jar
Severity:
Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Locking.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors.
Vulnerable Software & Versions: (show all)
Severity:
Low
CVSS Score: 3.3 (AV:N/AC:L/Au:M/C:N/I:P/A:N)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect integrity via unknown vectors related to InnoDB.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.
Vulnerable Software & Versions: (show all)
Severity:
High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string.
Vulnerable Software & Versions: (show all)
Severity:
Low
CVSS Score: 2.6 (AV:N/AC:H/Au:N/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote attackers to affect availability via unknown vectors related to Error Handling.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Full Text Search.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
Vulnerable Software & Versions: (show all)
Severity:
Low
CVSS Score: 3.0 (AV:L/AC:M/Au:S/C:P/I:P/A:N)
Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows local users to affect confidentiality and integrity via unknown vectors related to Server Install.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 6.0 (AV:N/AC:M/Au:S/C:P/I:P/A:P)
Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, 5.5.29 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, and 5.5.29 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Partition.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 6.0 (AV:N/AC:M/Au:S/C:P/I:P/A:P)
Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
Vulnerable Software & Versions: (show all)
Severity:
Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in Oracle MySQL 5.1.63 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Types.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 6.5 (AV:N/AC:L/Au:S/C:P/I:P/A:P)
Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Server Locking.
Vulnerable Software & Versions: (show all)
Severity:
Low
CVSS Score: 2.8 (AV:N/AC:M/Au:M/C:N/I:N/A:P)
Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, 5.5.29 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Locking.
Vulnerable Software & Versions: (show all)
Severity:
High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Buffer overflow in yaSSL, as used in MySQL 5.1.x before 5.1.68 and 5.5.x before 5.5.30, has unspecified impact and attack vectors, a different vulnerability than CVE-2012-0553.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 6.8 (AV:N/AC:L/Au:S/C:N/I:N/A:C)
Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 6.6 (AV:L/AC:L/Au:N/C:C/I:C/A:N)
Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows local users to affect confidentiality and integrity via unknown vectors related to Server Replication.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 6.8 (AV:N/AC:L/Au:S/C:N/I:N/A:C)
Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Information Schema.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote attackers to affect availability via unknown vectors related to Server Locking.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 5.5 (AV:N/AC:L/Au:S/C:P/I:P/A:N)
CWE: CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.1.28 and earlier, allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Server Replication.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:P/I:N/A:N)
CWE: CWE-255 Credentials Management
Oracle MySQL and MariaDB 5.5.x before 5.5.29, 5.3.x before 5.3.12, and 5.2.x before 5.2.14 does not modify the salt during multiple executions of the change_user command within the same connection which makes it easier for remote authenticated users to conduct brute force password guessing attacks.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 6.8 (AV:N/AC:L/Au:S/C:N/I:N/A:C)
Unspecified vulnerability in the Server component in Oracle MySQL 5.1.65 and earlier and 5.5.27 and earlier allows remote authenticated users to affect availability, related to GIS Extension.
Vulnerable Software & Versions: (show all)
Severity:
Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Replication.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 6.8 (AV:N/AC:L/Au:S/C:N/I:N/A:C)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to InnoDB Plugin.
Vulnerable Software & Versions: (show all)
Severity:
Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Full Text Search.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
Vulnerable Software & Versions: (show all)
Severity:
High
CVSS Score: 9.0 (AV:N/AC:L/Au:S/C:C/I:C/A:C)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema.
Vulnerable Software & Versions: (show all)
Severity:
Low
CVSS Score: 2.1 (AV:L/AC:L/Au:N/C:P/I:N/A:N)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows local users to affect confidentiality via unknown vectors related to Server Installation.
Vulnerable Software & Versions: (show all)
Severity:
High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Protocol.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors
MySQL 5.1.x before 5.1.63 and 5.5.x before 5.5.24 allows remote authenticated users to cause a denial of service (mysqld crash) via vectors related to incorrect calculation and a sort order index.
Vulnerable Software & Versions: (show all)
Severity:
Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
MySQL 5.1.x before 5.1.62 and 5.5.x before 5.5.22 allows remote authenticated users to cause a denial of service (assertion failure and mysqld abort) by deleting a record and using HANDLER READ NEXT.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier, and 5.5.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 6.8 (AV:N/AC:L/Au:S/C:N/I:N/A:C)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer, a different vulnerability than CVE-2012-1690.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote attackers to affect availability via unknown vectors.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.19 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer, a different vulnerability than CVE-2012-1703.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier, and 5.5.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability, related to Server DML.
Vulnerable Software & Versions: (show all)
Severity:
High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Buffer overflow in yaSSL, as used in MySQL 5.5.20 and possibly other versions including 5.5.x before 5.5.22 and 5.1.x before 5.1.62, allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by VulnDisco Pack Professional 9.17. NOTE: as of 20120224, this disclosure has no actionable information. However, because the module author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. NOTE: due to lack of details, it is not clear whether this issue is a duplicate of CVE-2012-0492 or another CVE.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.60 and earlier, and 5.5.19 and earlier, allows remote authenticated users to affect availability, related to MyISAM.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
Vulnerable Software & Versions: (show all)
Severity:
High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Buffer overflow in yaSSL, as used in MySQL 5.1.x before 5.1.68 and 5.5.x before 5.5.28, has unspecified impact and attack vectors, a different vulnerability than CVE-2013-1492.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier and 5.5.23 and earlier allows remote authenticated users to affect availability, related to GIS Extension.
Vulnerable Software & Versions: (show all)
Severity:
Low
CVSS Score: 2.1 (AV:N/AC:H/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0119, CVE-2012-0120, and CVE-2012-0485.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect availability via unknown vectors.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0119, CVE-2012-0120, and CVE-2012-0492.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:P/I:N/A:N)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect confidentiality via unknown vectors.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0119, CVE-2012-0485, and CVE-2012-0492.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0120, CVE-2012-0485, and CVE-2012-0492.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.9 (AV:N/AC:M/Au:S/C:P/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect confidentiality and availability via unknown vectors, a different vulnerability than CVE-2012-0113.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.9 (AV:N/AC:M/Au:S/C:P/I:P/A:N)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0119, CVE-2012-0120, CVE-2012-0485, and CVE-2012-0492.
Vulnerable Software & Versions: (show all)
Severity:
Low
CVSS Score: 3.0 (AV:L/AC:M/Au:S/C:P/I:P/A:N)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows local users to affect confidentiality and integrity via unknown vectors.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 5.5 (AV:N/AC:L/Au:S/C:P/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect confidentiality and availability via unknown vectors, a different vulnerability than CVE-2012-0118.
Vulnerable Software & Versions: (show all)
Severity:
Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0115, CVE-2012-0119, CVE-2012-0120, CVE-2012-0485, and CVE-2012-0492.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0087 and CVE-2012-0101.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0087 and CVE-2012-0102.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0101 and CVE-2012-0102.
Vulnerable Software & Versions: (show all)
Severity:
Low
CVSS Score: 1.7 (AV:N/AC:H/Au:M/C:N/I:P/A:N)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect integrity via unknown vectors.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote attackers to affect availability via unknown vectors.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
The Gis_line_string::init_from_wkb function in sql/spatial.cc in MySQL 5.1 before 5.1.51 allows remote authenticated users to cause a denial of service (server crash) by calling the PolyFromWKB function with Well-Known Binary (WKB) data containing a crafted number of (1) line strings or (2) line points.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (infinite loop) via multiple invocations of a (1) prepared statement or (2) stored procedure that creates a query with nested JOIN statements.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a query that uses the (1) GREATEST or (2) LEAST function with a mixed list of numeric and LONGBLOB arguments, which is not properly handled when the function's result is "processed using an intermediate temporary table."
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors
MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a prepared statement that uses GROUP_CONCAT with the WITH ROLLUP modifier, probably triggering a use-after-free error when a copied object is modified in a way that also affects the original object.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors
MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (assertion failure and server crash) via vectors related to view preparation, pre-evaluation of LIKE predicates, and IN Optimizers.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CWE: CWE-189 Numeric Errors
MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (mysqld server crash) by performing a user-variable assignment in a logical expression that is calculated and stored in a temporary table for GROUP BY, then causing the expression value to be used after the table is created, which causes the expression to be re-evaluated instead of accessing its value from the table.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via vectors related to "materializing a derived table that required a temporary table for grouping" and "user variable assignments."
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors
MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 does not properly propagate type errors, which allows remote attackers to cause a denial of service (server crash) via crafted arguments to extreme-value functions such as (1) LEAST and (2) GREATEST, related to KILL_BAD_DATA and a "CREATE TABLE ... SELECT."
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 sends an OK packet when a LOAD DATA INFILE request generates SQL errors, which allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a crafted request.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using EXPLAIN with crafted "SELECT ... UNION ... ORDER BY (SELECT ... WHERE ...)" statements, which triggers a NULL pointer dereference in the Item_singlerow_subselect::store function.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using the HANDLER interface and performing "alternate reads from two indexes on a table," which triggers an assertion failure.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by creating temporary tables with nullable columns while using InnoDB, which triggers an assertion failure.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors
Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via certain arguments to the BINLOG command, which triggers an access of uninitialized memory, as demonstrated by valgrind.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors
Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (crash) via (1) IN or (2) CASE operations with NULL arguments that are explicitly specified or indirectly provided by the WITH ROLLUP modifier.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors
Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a join query that uses a table with a unique SET column.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
storage/innobase/dict/dict0crea.c in mysqld in Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (assertion failure) by modifying the (1) innodb_file_format or (2) innodb_file_per_table configuration parameters for the InnoDB storage engine, then executing a DDL statement.
Vulnerable Software & Versions: (show all)
Severity:
Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)
CWE: CWE-20 Improper Input Validation
MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service (server crash and database loss) via an ALTER DATABASE command with a #mysql50# string followed by a . (dot), .. (dot dot), ../ (dot dot slash) or similar sequence, and an UPGRADE DATA DIRECTORY NAME command, which causes MySQL to move certain directories to the server data directory.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 6.0 (AV:N/AC:M/Au:S/C:P/I:P/A:P)
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Buffer overflow in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to execute arbitrary code via a COM_FIELD_LIST command with a long table name.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
The my_net_skip_rest function in sql/net_serv.cc in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by sending a large number of packets that exceed the maximum length.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 6.5 (AV:N/AC:L/Au:S/C:P/I:P/A:P)
CWE: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Directory traversal vulnerability in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to bypass intended table grants to read field definitions of arbitrary tables, and on 5.1 to read or delete content of arbitrary tables, via a .. (dot dot) in a table name.
Vulnerable Software & Versions: (show all)
Severity:
Low
CVSS Score: 3.6 (AV:L/AC:L/Au:N/C:N/I:P/A:P)
CWE: CWE-59 Improper Link Resolution Before File Access ('Link Following')
MySQL before 5.1.46 allows local users to delete the data and index files of another user's MyISAM table via a symlink attack in conjunction with the DROP TABLE command, a different vulnerability than CVE-2008-4098 and CVE-2008-7247.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:P/A:N)
CWE: CWE-264 Permissions, Privileges, and Access Controls
The mysql_uninstall_plugin function in sql/sql_plugin.cc in MySQL 5.1 before 5.1.46 does not check privileges before uninstalling a plugin, which allows remote attackers to uninstall arbitrary plugins via the UNINSTALL PLUGIN command.
Vulnerable Software & Versions:
Severity:
Medium
CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
CWE: CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
The executable comment feature in MySQL 5.0.x before 5.0.93 and 5.1.x before 5.1.50, when running in certain slave configurations in which the slave is running a newer version than the master, allows remote attackers to execute arbitrary SQL commands via custom comments.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.6 (AV:N/AC:H/Au:S/C:P/I:P/A:P)
CWE: CWE-59 Improper Link Resolution Before File Access ('Link Following')
MySQL before 5.0.67 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL home data directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4097.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.6 (AV:N/AC:H/Au:S/C:P/I:P/A:P)
CWE: CWE-264 Permissions, Privileges, and Access Controls
MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, and 6.0.x before 6.0.5 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are within the MySQL home data directory, which can point to tables that are created in the future.
Vulnerable Software & Versions: (show all)
Severity:
High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Multiple buffer overflows in yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allow remote attackers to execute arbitrary code via (1) the ProcessOldClientHello function in handshake.cpp or (2) "input_buffer& operator>>" in yassl_imp.cpp.
Vulnerable Software & Versions: (show all)
Description: MySQL JDBC Type 4 driver
License:
The GNU General Public License, Version 2: http://www.gnu.org/licenses/old-licenses/gpl-2.0.htmlFile Path: C:\Users\Tamara\.m2\repository\mysql\mysql-connector-java\5.1.42\mysql-connector-java-5.1.42.jar
Severity:
Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Locking.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote authenticated users to affect availability via unknown vectors.
Vulnerable Software & Versions: (show all)
Severity:
Low
CVSS Score: 3.3 (AV:N/AC:L/Au:M/C:N/I:P/A:N)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect integrity via unknown vectors related to InnoDB.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.71 and earlier, 5.5.33 and earlier, and 5.6.13 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.
Vulnerable Software & Versions: (show all)
Severity:
High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Buffer overflow in client/mysql.cc in Oracle MySQL and MariaDB before 5.5.35 allows remote database servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server version string.
Vulnerable Software & Versions: (show all)
Severity:
Low
CVSS Score: 2.6 (AV:N/AC:H/Au:N/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote attackers to affect availability via unknown vectors related to Error Handling.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Full Text Search.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
Vulnerable Software & Versions: (show all)
Severity:
Low
CVSS Score: 3.0 (AV:L/AC:M/Au:S/C:P/I:P/A:N)
Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows local users to affect confidentiality and integrity via unknown vectors related to Server Install.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 6.0 (AV:N/AC:M/Au:S/C:P/I:P/A:P)
Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, 5.5.29 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, and 5.5.29 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Partition.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 6.0 (AV:N/AC:M/Au:S/C:P/I:P/A:P)
Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
Vulnerable Software & Versions: (show all)
Severity:
Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in Oracle MySQL 5.1.63 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Types.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 6.5 (AV:N/AC:L/Au:S/C:P/I:P/A:P)
Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Server Locking.
Vulnerable Software & Versions: (show all)
Severity:
Low
CVSS Score: 2.8 (AV:N/AC:M/Au:M/C:N/I:N/A:P)
Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, 5.5.29 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Locking.
Vulnerable Software & Versions: (show all)
Severity:
High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Buffer overflow in yaSSL, as used in MySQL 5.1.x before 5.1.68 and 5.5.x before 5.5.30, has unspecified impact and attack vectors, a different vulnerability than CVE-2012-0553.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 6.8 (AV:N/AC:L/Au:S/C:N/I:N/A:C)
Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 6.6 (AV:L/AC:L/Au:N/C:C/I:C/A:N)
Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows local users to affect confidentiality and integrity via unknown vectors related to Server Replication.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 6.8 (AV:N/AC:L/Au:S/C:N/I:N/A:C)
Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Information Schema.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote attackers to affect availability via unknown vectors related to Server Locking.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 5.5 (AV:N/AC:L/Au:S/C:P/I:P/A:N)
CWE: CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.1.28 and earlier, allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Server Replication.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:P/I:N/A:N)
CWE: CWE-255 Credentials Management
Oracle MySQL and MariaDB 5.5.x before 5.5.29, 5.3.x before 5.3.12, and 5.2.x before 5.2.14 does not modify the salt during multiple executions of the change_user command within the same connection which makes it easier for remote authenticated users to conduct brute force password guessing attacks.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 6.8 (AV:N/AC:L/Au:S/C:N/I:N/A:C)
Unspecified vulnerability in the Server component in Oracle MySQL 5.1.65 and earlier and 5.5.27 and earlier allows remote authenticated users to affect availability, related to GIS Extension.
Vulnerable Software & Versions: (show all)
Severity:
Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Replication.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 6.8 (AV:N/AC:L/Au:S/C:N/I:N/A:C)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to InnoDB Plugin.
Vulnerable Software & Versions: (show all)
Severity:
Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Full Text Search.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
Vulnerable Software & Versions: (show all)
Severity:
High
CVSS Score: 9.0 (AV:N/AC:L/Au:S/C:C/I:C/A:C)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema.
Vulnerable Software & Versions: (show all)
Severity:
Low
CVSS Score: 2.1 (AV:L/AC:L/Au:N/C:P/I:N/A:N)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows local users to affect confidentiality via unknown vectors related to Server Installation.
Vulnerable Software & Versions: (show all)
Severity:
High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Protocol.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors
MySQL 5.1.x before 5.1.63 and 5.5.x before 5.5.24 allows remote authenticated users to cause a denial of service (mysqld crash) via vectors related to incorrect calculation and a sort order index.
Vulnerable Software & Versions: (show all)
Severity:
Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
MySQL 5.1.x before 5.1.62 and 5.5.x before 5.5.22 allows remote authenticated users to cause a denial of service (assertion failure and mysqld abort) by deleting a record and using HANDLER READ NEXT.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier, and 5.5.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 6.8 (AV:N/AC:L/Au:S/C:N/I:N/A:C)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer, a different vulnerability than CVE-2012-1690.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote attackers to affect availability via unknown vectors.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.19 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer, a different vulnerability than CVE-2012-1703.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier, and 5.5.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability, related to Server DML.
Vulnerable Software & Versions: (show all)
Severity:
High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Buffer overflow in yaSSL, as used in MySQL 5.5.20 and possibly other versions including 5.5.x before 5.5.22 and 5.1.x before 5.1.62, allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by VulnDisco Pack Professional 9.17. NOTE: as of 20120224, this disclosure has no actionable information. However, because the module author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. NOTE: due to lack of details, it is not clear whether this issue is a duplicate of CVE-2012-0492 or another CVE.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.60 and earlier, and 5.5.19 and earlier, allows remote authenticated users to affect availability, related to MyISAM.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
Vulnerable Software & Versions: (show all)
Severity:
High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Buffer overflow in yaSSL, as used in MySQL 5.1.x before 5.1.68 and 5.5.x before 5.5.28, has unspecified impact and attack vectors, a different vulnerability than CVE-2013-1492.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier and 5.5.23 and earlier allows remote authenticated users to affect availability, related to GIS Extension.
Vulnerable Software & Versions: (show all)
Severity:
Low
CVSS Score: 2.1 (AV:N/AC:H/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0119, CVE-2012-0120, and CVE-2012-0485.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect availability via unknown vectors.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0119, CVE-2012-0120, and CVE-2012-0492.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:P/I:N/A:N)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect confidentiality via unknown vectors.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0119, CVE-2012-0485, and CVE-2012-0492.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0120, CVE-2012-0485, and CVE-2012-0492.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.9 (AV:N/AC:M/Au:S/C:P/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect confidentiality and availability via unknown vectors, a different vulnerability than CVE-2012-0113.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.9 (AV:N/AC:M/Au:S/C:P/I:P/A:N)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0119, CVE-2012-0120, CVE-2012-0485, and CVE-2012-0492.
Vulnerable Software & Versions: (show all)
Severity:
Low
CVSS Score: 3.0 (AV:L/AC:M/Au:S/C:P/I:P/A:N)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows local users to affect confidentiality and integrity via unknown vectors.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 5.5 (AV:N/AC:L/Au:S/C:P/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect confidentiality and availability via unknown vectors, a different vulnerability than CVE-2012-0118.
Vulnerable Software & Versions: (show all)
Severity:
Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0115, CVE-2012-0119, CVE-2012-0120, CVE-2012-0485, and CVE-2012-0492.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0087 and CVE-2012-0101.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0087 and CVE-2012-0102.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0101 and CVE-2012-0102.
Vulnerable Software & Versions: (show all)
Severity:
Low
CVSS Score: 1.7 (AV:N/AC:H/Au:M/C:N/I:P/A:N)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect integrity via unknown vectors.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote attackers to affect availability via unknown vectors.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
The Gis_line_string::init_from_wkb function in sql/spatial.cc in MySQL 5.1 before 5.1.51 allows remote authenticated users to cause a denial of service (server crash) by calling the PolyFromWKB function with Well-Known Binary (WKB) data containing a crafted number of (1) line strings or (2) line points.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (infinite loop) via multiple invocations of a (1) prepared statement or (2) stored procedure that creates a query with nested JOIN statements.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a query that uses the (1) GREATEST or (2) LEAST function with a mixed list of numeric and LONGBLOB arguments, which is not properly handled when the function's result is "processed using an intermediate temporary table."
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors
MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a prepared statement that uses GROUP_CONCAT with the WITH ROLLUP modifier, probably triggering a use-after-free error when a copied object is modified in a way that also affects the original object.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors
MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (assertion failure and server crash) via vectors related to view preparation, pre-evaluation of LIKE predicates, and IN Optimizers.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CWE: CWE-189 Numeric Errors
MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (mysqld server crash) by performing a user-variable assignment in a logical expression that is calculated and stored in a temporary table for GROUP BY, then causing the expression value to be used after the table is created, which causes the expression to be re-evaluated instead of accessing its value from the table.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Unspecified vulnerability in MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via vectors related to "materializing a derived table that required a temporary table for grouping" and "user variable assignments."
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors
MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 does not properly propagate type errors, which allows remote attackers to cause a denial of service (server crash) via crafted arguments to extreme-value functions such as (1) LEAST and (2) GREATEST, related to KILL_BAD_DATA and a "CREATE TABLE ... SELECT."
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 sends an OK packet when a LOAD DATA INFILE request generates SQL errors, which allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a crafted request.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using EXPLAIN with crafted "SELECT ... UNION ... ORDER BY (SELECT ... WHERE ...)" statements, which triggers a NULL pointer dereference in the Item_singlerow_subselect::store function.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using the HANDLER interface and performing "alternate reads from two indexes on a table," which triggers an assertion failure.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by creating temporary tables with nullable columns while using InnoDB, which triggers an assertion failure.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors
Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via certain arguments to the BINLOG command, which triggers an access of uninitialized memory, as demonstrated by valgrind.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors
Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (crash) via (1) IN or (2) CASE operations with NULL arguments that are explicitly specified or indirectly provided by the WITH ROLLUP modifier.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors
Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a join query that uses a table with a unique SET column.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
storage/innobase/dict/dict0crea.c in mysqld in Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (assertion failure) by modifying the (1) innodb_file_format or (2) innodb_file_per_table configuration parameters for the InnoDB storage engine, then executing a DDL statement.
Vulnerable Software & Versions: (show all)
Severity:
Low
CVSS Score: 3.5 (AV:N/AC:M/Au:S/C:N/I:N/A:P)
CWE: CWE-20 Improper Input Validation
MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service (server crash and database loss) via an ALTER DATABASE command with a #mysql50# string followed by a . (dot), .. (dot dot), ../ (dot dot slash) or similar sequence, and an UPGRADE DATA DIRECTORY NAME command, which causes MySQL to move certain directories to the server data directory.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 6.0 (AV:N/AC:M/Au:S/C:P/I:P/A:P)
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Buffer overflow in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to execute arbitrary code via a COM_FIELD_LIST command with a long table name.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
The my_net_skip_rest function in sql/net_serv.cc in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by sending a large number of packets that exceed the maximum length.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 6.5 (AV:N/AC:L/Au:S/C:P/I:P/A:P)
CWE: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Directory traversal vulnerability in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to bypass intended table grants to read field definitions of arbitrary tables, and on 5.1 to read or delete content of arbitrary tables, via a .. (dot dot) in a table name.
Vulnerable Software & Versions: (show all)
Severity:
Low
CVSS Score: 3.6 (AV:L/AC:L/Au:N/C:N/I:P/A:P)
CWE: CWE-59 Improper Link Resolution Before File Access ('Link Following')
MySQL before 5.1.46 allows local users to delete the data and index files of another user's MyISAM table via a symlink attack in conjunction with the DROP TABLE command, a different vulnerability than CVE-2008-4098 and CVE-2008-7247.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:P/A:N)
CWE: CWE-264 Permissions, Privileges, and Access Controls
The mysql_uninstall_plugin function in sql/sql_plugin.cc in MySQL 5.1 before 5.1.46 does not check privileges before uninstalling a plugin, which allows remote attackers to uninstall arbitrary plugins via the UNINSTALL PLUGIN command.
Vulnerable Software & Versions:
Severity:
Medium
CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
CWE: CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
The executable comment feature in MySQL 5.0.x before 5.0.93 and 5.1.x before 5.1.50, when running in certain slave configurations in which the slave is running a newer version than the master, allows remote attackers to execute arbitrary SQL commands via custom comments.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.6 (AV:N/AC:H/Au:S/C:P/I:P/A:P)
CWE: CWE-59 Improper Link Resolution Before File Access ('Link Following')
MySQL before 5.0.67 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL home data directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4097.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.6 (AV:N/AC:H/Au:S/C:P/I:P/A:P)
CWE: CWE-264 Permissions, Privileges, and Access Controls
MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, and 6.0.x before 6.0.5 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are within the MySQL home data directory, which can point to tables that are created in the future.
Vulnerable Software & Versions: (show all)
Severity:
High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Multiple buffer overflows in yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allow remote attackers to execute arbitrary code via (1) the ProcessOldClientHello function in handshake.cpp or (2) "input_buffer& operator>>" in yassl_imp.cpp.
Vulnerable Software & Versions: (show all)
Description: Java reflect give poor performance on getter setter an constructor calls,
accessors-smart use ASM to speed up those calls.
License:
http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\net\minidev\accessors-smart\1.1\accessors-smart-1.1.jar
Description:
JSON (JavaScript Object Notation) is a lightweight data-interchange format. It is easy for humans to read and write. It is easy for machines to parse and generate. It is based on a subset of the JavaScript Programming Language, Standard ECMA-262 3rd Edition - December 1999. JSON is a text format that is completely language independent but uses conventions that are familiar to programmers of the C-family of languages, including C, C++, C#, Java, JavaScript, Perl, Python, and many others. These properties make JSON an ideal data-interchange language.
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\net\minidev\json-smart\2.2.1\json-smart-2.2.1.jar
Description:
Apache Commons Compress software defines an API for working with
compression and archive formats.
These include: bzip2, gzip, pack200, lzma, xz, Snappy, traditional
Unix Compress, DEFLATE and ar, cpio, jar, tar, zip, dump, 7z, arj.
License:
http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\org\apache\commons\commons-compress\1.9\commons-compress-1.9.jar
Description:
Commons Lang, a package of Java utility classes for the
classes that are in java.lang's hierarchy, or are considered to be so
standard as to justify existence in java.lang.
License:
http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\org\apache\commons\commons-lang3\3.1\commons-lang3-3.1.jar
Description: Apache CXF Core
License:
http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\org\apache\cxf\cxf-core\3.1.11\cxf-core-3.1.11.jar
Severity:
Medium
CVSS Score: 5.8 (AV:N/AC:M/Au:N/C:P/I:P/A:N)
CWE: CWE-20 Improper Input Validation
The wsdl_first_https sample code in distribution/src/main/release/samples/wsdl_first_https/src/main/ in Apache CXF, possibly 2.6.0, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
Vulnerable Software & Versions: (show all)
Description:
Apache HttpComponents Client
File Path: C:\Users\Tamara\.m2\repository\org\apache\httpcomponents\httpclient\4.5.3\httpclient-4.5.3.jar
MD5: 1965ebb7aca0f9f8faaed3870d8cf689
SHA1: d1577ae15f01ef5438c5afc62162457c00a34713
Description:
Apache HttpComponents Core (blocking I/O)
File Path: C:\Users\Tamara\.m2\repository\org\apache\httpcomponents\httpcore\4.4.6\httpcore-4.4.6.jar
MD5: a9fbd503e0802507efeeaffb56bbdf52
SHA1: e3fd8ced1f52c7574af952e2e6da0df8df08eb82
Description:
Apache HttpComponents HttpClient - MIME coded entities
File Path: C:\Users\Tamara\.m2\repository\org\apache\httpcomponents\httpmime\4.5.3\httpmime-4.5.3.jar
MD5: a00b6287cab2ad554ae3cbdbe983dc88
SHA1: 889fd6d061bb63b99dd5c6aba35a555ae863de52
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\archetypes\maven-archetype-quickstart\1.1\maven-archetype-quickstart-1.1.jar
MD5: 2645540a64e26dc77899b0c930654dd4
SHA1: 9afa09bd00c13b383393f67aa1e2bb8f912820fa
Description: Doxia Logging API.
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\doxia\doxia-logging-api\1.1\doxia-logging-api-1.1.jar
MD5: 8e93b74b3fb7353322069d4c996c7887
SHA1: c8fe274396e40452ca3e6121f6dd00220b210d48
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\doxia\doxia-sink-api\1.0-alpha-7\doxia-sink-api-1.0-alpha-7.jar
MD5: 9fc562ffc147b9f2228be67efdca1749
SHA1: 68464d54384c35119c70684d5d609b64635d1bbd
Description: Doxia Sink API.
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\doxia\doxia-sink-api\1.1\doxia-sink-api-1.1.jar
MD5: 83936a5b87b5a2ead35c8987d984b14a
SHA1: 9fc15c69e09a14fd07acba7300009eff6e692a44
Description: Extensions to Aether for utilizing Maven POM and repository metadata.
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-aether-provider\3.2.1\maven-aether-provider-3.2.1.jar
MD5: 56f135570d1c4cb8665ae21b72ff5b54
SHA1: ab57cafec4e9c2650df963d83cb173d311fcadf0
Description: Provides utility methods for creating JARs and other archive files from a Maven project.
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-archiver\2.6\maven-archiver-2.6.jar
MD5: 52bf42f0ae7ff5f0075e631f76e83f4f
SHA1: e0f87fd4d03b9f0c09908c4d0c398acd501a11d8
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-artifact-manager\2.0.6\maven-artifact-manager-2.0.6.jar
MD5: b5a0500e4c194796ac59175f64ae7029
SHA1: dc326c3a989c10618e09a7b77cadeff297591942
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-artifact-manager\2.0.8\maven-artifact-manager-2.0.8.jar
MD5: 23e0851880be1408bef15e64055582b4
SHA1: bb5ba069e3460450b139075b91f27f7bd4007877
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-artifact-manager\2.0.9\maven-artifact-manager-2.0.9.jar
MD5: 4940bb2f80c2c36f4b16250bbf383247
SHA1: 53224a5254101fb9b6d561d5a53c6d0817036d94
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-artifact-manager\2.2.1\maven-artifact-manager-2.2.1.jar
MD5: f3e76a8a83f422a900886543c48914f7
SHA1: ec355b913c34d37080810f98e3f51abecbe1572b
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-artifact\2.0.6\maven-artifact-2.0.6.jar
MD5: c719aad6745c191a9ac643d82f42dd95
SHA1: fcbf6e26a6d26ecaa25c199b6f16bf168b2f28dc
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-artifact\2.0.9\maven-artifact-2.0.9.jar
MD5: c6f1bcc526bc0958dee6cd0fbc9a8dbe
SHA1: 66f0c8baa789fffdf54924cf395b26bbc2130435
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-artifact\2.2.1\maven-artifact-2.2.1.jar
MD5: 7b7613fd5db72967269abe7ab50b76e9
SHA1: 23600f790d4dab2cb965419eaa982e3e84c428f8
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-artifact\3.1.1\maven-artifact-3.1.1.jar
MD5: 32f4cdfe73cccb1af3e5624a2406431c
SHA1: dbd94f0744545e17caa51db6fc493fc736361837
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-compat\3.0\maven-compat-3.0.jar
MD5: da4b5aceab7166994e066570cd5737be
SHA1: 475f94b86858a1d4660c4b4523aa3362f28d9317
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-core\2.0.6\maven-core-2.0.6.jar
MD5: 274e632a842ad71d6432476744d7904a
SHA1: 33b78ed70029bfca9fadee5c8e7c9b27b9a39443
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-core\2.0.9\maven-core-2.0.9.jar
MD5: 2f1d9ed5ae3c725349ab00e68a1c1933
SHA1: e1003a0a66dae77515259c5e591ea1cfd73c2859
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-core\2.2.1\maven-core-2.2.1.jar
MD5: 7538cd62a04a378d4c1944e26c793164
SHA1: 6f488e461188496c62e161f32160b3465ce5901e
Description: Maven Core classes.
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-core\3.1.1\maven-core-3.1.1.jar
MD5: f4c6ef84a6e712a1374b42139daa0784
SHA1: ab7a9b58a1a4dec17facebda058d1da2a34871ff
Description: Provides a manager component which will process a given Throwable instance through a set of diagnostic
sub-components, and return a String message with user-friendly information about the error and possibly
how to fix it.
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-error-diagnostics\2.0.6\maven-error-diagnostics-2.0.6.jar
MD5: dbdd37b19cc76d3030294a041b7da02c
SHA1: 49f5380c07a79cd91ee09e0cb9063764f1f6525c
Description: Provides a manager component which will process a given Throwable instance through a set of diagnostic
sub-components, and return a String message with user-friendly information about the error and possibly
how to fix it.
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-error-diagnostics\2.0.9\maven-error-diagnostics-2.0.9.jar
MD5: 4f80b83469f44cb07f6fbc3f9c2ebede
SHA1: 46cc6b69beebc7bbf59c4f3842f72f2c1942e8e5
Description: Provides a manager component which will process a given Throwable instance through a set of diagnostic
sub-components, and return a String message with user-friendly information about the error and possibly
how to fix it.
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-error-diagnostics\2.2.1\maven-error-diagnostics-2.2.1.jar
MD5: 8eaa64d20f32c0b0c1beb9739bbb5fe3
SHA1: e81bb342d7d172f23d108dc8fa979a1facdcde8e
Description: The effective model builder, with inheritance, profile activation, interpolation, ...
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-model-builder\3.1.1\maven-model-builder-3.1.1.jar
MD5: 7447b3f33c6201f92dedbf5b4059bb4c
SHA1: 5fb53c92da84ebeff403414b667611d6bcd477cf
Description: Maven Model
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-model\2.0.6\maven-model-2.0.6.jar
MD5: a73547055286eb7f5c24ba540be92894
SHA1: 9649253c0e68a453f388e0a308c0653309f87807
Description: Maven Model
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-model\2.0.9\maven-model-2.0.9.jar
MD5: 05fc405395b7dfdd0300929fb2a16bf2
SHA1: 9fb844625928dd992842e180853fbb2b197c9a9d
Description: Maven Model
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-model\2.2.1\maven-model-2.2.1.jar
MD5: b269f663e3440e40be4b696d9b7c2260
SHA1: c0a1c17436ec3ff5a56207c031d82277b4250a29
Description: Model for Maven POM (Project Object Model)
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-model\3.1.1\maven-model-3.1.1.jar
MD5: 242061dd2741386ecef6fc26ef523215
SHA1: ccf79a1a63ef35de038a4226a952175c4e9f4f59
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-monitor\2.0.6\maven-monitor-2.0.6.jar
MD5: f8b3e5aeef81506b436ac21aa4ebd4bc
SHA1: ab682e67281bb025980181c83acbcad19042a342
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-monitor\2.0.9\maven-monitor-2.0.9.jar
MD5: c79613db7f94706db9ec11b772e97e51
SHA1: ae55264ab9ffbbfdba08c8c7853bbe4a2dd32e8a
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-monitor\2.2.1\maven-monitor-2.2.1.jar
MD5: 396e401208090417e0f18ad2b1bccd92
SHA1: afc57c3a1368cd34caccb638e00523701f398c20
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-plugin-api\2.0.1\maven-plugin-api-2.0.1.jar
MD5: 1d1173b5486d89e5daccf2dea36ef01a
SHA1: fa8134698dbb25d95db444b772504020cfcee10c
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-plugin-api\2.0.6\maven-plugin-api-2.0.6.jar
MD5: c0f1e4fb6ded2e1b6f072314500ac353
SHA1: 52b32fd980c8ead7a3858d057330bda1ace72d9d
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-plugin-api\2.0.9\maven-plugin-api-2.0.9.jar
MD5: 09a279f8115f712946ecb81f8c372325
SHA1: 8b8cae9daa688fdb57995c6835a3e24475d554c0
Description: The API for plugins - Mojos - development.
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-plugin-api\3.1.1\maven-plugin-api-3.1.1.jar
MD5: 0f0d7bc9468f3c41463a539051e72d8d
SHA1: 3836a4ea31ca2d1531aa250127bc17e6e876d658
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-plugin-descriptor\2.0.6\maven-plugin-descriptor-2.0.6.jar
MD5: 327e6b4446e76ed1bf3a99f998ec16b0
SHA1: 30a00f4ef12d3901c4f842de99e9363e3743245f
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-plugin-descriptor\2.0.9\maven-plugin-descriptor-2.0.9.jar
MD5: e9793555557d308a0e32b57d4d82c6cc
SHA1: 10443d038cd57feb4a027e7dfe09bed0925a1953
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-plugin-descriptor\2.2.1\maven-plugin-descriptor-2.2.1.jar
MD5: f28d3a50552a8d2943587638f5f01455
SHA1: 68d20ae3c40c4664dc52be90338af796db7ffb32
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-plugin-parameter-documenter\2.0.6\maven-plugin-parameter-documenter-2.0.6.jar
MD5: 33cbd7c01a1d83225def9ea3901dea3d
SHA1: df6fa6c4adb313cb8937ffae96368bec1fd5d13d
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-plugin-parameter-documenter\2.0.9\maven-plugin-parameter-documenter-2.0.9.jar
MD5: 12bdfe4c6a1f42ea8c8062293fa18741
SHA1: f481e2677384f6a0ab96633567d736e70657e042
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-plugin-parameter-documenter\2.2.1\maven-plugin-parameter-documenter-2.2.1.jar
MD5: 8ba54f6e61f1b07ec7076bd27d3eaa9c
SHA1: 1a117baac49437fc5a6fcd9f18f779e6bad4207e
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-plugin-registry\2.0.6\maven-plugin-registry-2.0.6.jar
MD5: 397c32613fb87aa3597822f7bd1a10a7
SHA1: 4242ec8629b4797387751379f57e72cb718aac7a
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-plugin-registry\2.0.8\maven-plugin-registry-2.0.8.jar
MD5: 5117e37cb02fb9adaf173868b6a48536
SHA1: 37385b508a04d77575c6b5542b88bd96f5257541
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-plugin-registry\2.0.9\maven-plugin-registry-2.0.9.jar
MD5: 1f00b6993350f474c5ba3d2f216454f9
SHA1: a7172a87a7cb901cf6df4df9fd89a3c2d3f8a770
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-plugin-registry\2.2.1\maven-plugin-registry-2.2.1.jar
MD5: 46a27ab81d327e3f5fd1d3e435fe2aad
SHA1: 72a24b7775649af78f3986b5aa7eb354b9674cfd
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-profile\2.0.6\maven-profile-2.0.6.jar
MD5: 55a264a0d89e84074bd6b54738bdb539
SHA1: f03cd3820d2b4d60b93ccd17a1c14e8eeef63f79
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-profile\2.0.8\maven-profile-2.0.8.jar
MD5: 70e5ea5d77b39aed07c2473f9f9e6e97
SHA1: 4da3b9551606437a80bdc695c4fafde03a037ab9
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-profile\2.0.9\maven-profile-2.0.9.jar
MD5: e1478a4633fef786e33e2717681fe199
SHA1: 0b9b02df9134bff9edb4f4e1624243d005895234
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-profile\2.2.1\maven-profile-2.2.1.jar
MD5: 53dd14e28aaad4bd5dd379dfdbf46a4c
SHA1: 3950071587027e5086e9c395574a60650c432738
Description: This library is used to not only read Maven project object model files, but to assemble inheritence
and to retrieve remote models as required.
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-project\2.0.6\maven-project-2.0.6.jar
MD5: c0261a3f01afc3f720b13d67eb3bf448
SHA1: c0df764cd8f5bac660bfa53fa97fdd53663ee308
Description: This library is used to not only read Maven project object model files, but to assemble inheritence
and to retrieve remote models as required.
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-project\2.0.8\maven-project-2.0.8.jar
MD5: 18f6eb03145aa8d63d98abe227978170
SHA1: 00475a52c7181930b1680fce3269245ccc26e3de
Description: This library is used to not only read Maven project object model files, but to assemble inheritence
and to retrieve remote models as required.
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-project\2.0.9\maven-project-2.0.9.jar
MD5: 5f83007173bd07249b00420ebbd813b0
SHA1: 30ec37813df5a212888a1f3df0b27497ecef4ad8
Description: This library is used to not only read Maven project object model files, but to assemble inheritence
and to retrieve remote models as required.
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-project\2.2.1\maven-project-2.2.1.jar
MD5: 8f9382d7c0c120e94c2aaf8bbe817b6f
SHA1: 8239e98c16f641d55a4ad0e0bab0aee3aff8933f
Description: Maven Plugin Mapping
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-repository-metadata\2.0.6\maven-repository-metadata-2.0.6.jar
MD5: c0d62f5257816b463c4638aa4057c891
SHA1: ae64379396d2eba33616ce1e0a458c3a744b317b
Description: Maven Plugin Mapping
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-repository-metadata\2.0.9\maven-repository-metadata-2.0.9.jar
MD5: 566d26822d3f3fc8e6a884cd6809d70e
SHA1: dd79022a827b1d577865d5c97f8ad0c7d6b067b7
Description: Per-directory repository metadata.
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-repository-metadata\2.2.1\maven-repository-metadata-2.2.1.jar
MD5: c426b243119831168af2fbd767254f59
SHA1: 98f0c07fcf1eeb213bef8d9316a9935184084b06
Description: Per-directory local and remote repository metadata.
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-repository-metadata\3.1.1\maven-repository-metadata-3.1.1.jar
MD5: 04ac2c679942b4e4d6140dcbad09c153
SHA1: ef5bccf2a7a22a326c8fe94e1d56f6f15419bedd
Description: The effective settings builder, with inheritance and password decryption.
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-settings-builder\3.1.1\maven-settings-builder-3.1.1.jar
MD5: 78e94e8af3ebba1b54e06dc30f3a499d
SHA1: e2d5e96ea4bbd4fc463dbb76d07dd8aefac05e3c
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-settings\2.0.6\maven-settings-2.0.6.jar
MD5: 2f7740bafacc2493f9b813af45d1ae35
SHA1: 5da16cf9def50e3a352cd7e8923a49ebd72003b8
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-settings\2.0.9\maven-settings-2.0.9.jar
MD5: 6a19eb17efdb4e0c1dd65c32e87b1019
SHA1: ab8d338c00fab0db29af358ab0676c3c02d7329f
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-settings\2.2.1\maven-settings-2.2.1.jar
MD5: 7c3dcffd55434a860339dba78f0c165a
SHA1: 2236ffe71fa5f78ce42b0f5fc22c54ed45f14294
Description: Maven Settings model.
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-settings\3.1.1\maven-settings-3.1.1.jar
MD5: 6c3d69b07dca9143cae8b63090ba7d1f
SHA1: 311d38cf15ec7f5c713985862632db91b7a827af
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\maven-toolchain\1.0\maven-toolchain-1.0.jar
MD5: fe52e10c1e277686f0b8492585771d98
SHA1: 1ff4a3f5869f68dfa05562a84e7a5d510d909608
Description: Runs Ant scripts embedded in the POM
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\plugins\maven-antrun-plugin\1.3\maven-antrun-plugin-1.3.jar
MD5: d1cd013909700b1e9d42b8bae0503d70
SHA1: a1481166aa4a16c3a37e65f40847e238cc878709
Description: A Maven 2 plugin to create archives of your project's sources, classes, dependencies etc. from flexible assembly descriptors.
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\plugins\maven-assembly-plugin\2.2-beta-5\maven-assembly-plugin-2.2-beta-5.jar
MD5: 369b5f7cc9bdd267b78cbc9bfaaee436
SHA1: b1fd2e4dea47cb9c2858d26ad0aa608b802d34e2
Description:
The Maven Clean Plugin is a plugin that removes files generated at build-time in a project's directory.
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\plugins\maven-clean-plugin\2.5\maven-clean-plugin-2.5.jar
MD5: 9a18e4d3f6e6495ed92b7d4694b41e66
SHA1: 75653decaefa85ca8114ff3a4f869bb2ee6d605d
Description:
The Maven Clean Plugin is a plugin that removes files generated at build-time in a project's directory.
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\plugins\maven-clean-plugin\2.6.1\maven-clean-plugin-2.6.1.jar
MD5: 8dcc382dc49b8156a676b1074b4aacfe
SHA1: bfdf7d6c2f8fc8759457e9d54f458ba56ac7b30f
Description: The Compiler Plugin is used to compile the sources of your project.
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\plugins\maven-compiler-plugin\3.1\maven-compiler-plugin-3.1.jar
MD5: 4a14a33ab69db9dadfb4d41449ebc651
SHA1: 9977a8d04e75609cf01badc4eb6a9c7198c4c5ea
Description: Provides utility goals to work with dependencies like copying, unpacking, analyzing, resolving and many more.
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\plugins\maven-dependency-plugin\2.8\maven-dependency-plugin-2.8.jar
MD5: 1dda6a8a4fcb804c82a39c2a2bbac6ab
SHA1: 04c8dedf3d9b2a3f45f3daa93e11ca547d2063ca
Description: Uploads the project artifacts to the internal remote repository.
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\plugins\maven-deploy-plugin\2.7\maven-deploy-plugin-2.7.jar
MD5: 6dda96c529a615853a71a3fdcd7b0e77
SHA1: 6dadfb75679ca010b41286794f737088ebfe12fd
Description: Uploads the project artifacts to the internal remote repository.
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\plugins\maven-deploy-plugin\2.8.2\maven-deploy-plugin-2.8.2.jar
MD5: c9f211a7ddbaae0583dde1408c48138a
SHA1: 3c2d83ecd387e9843142ae92a0439792c1500319
Description:
The Maven Help plugin provides goals aimed at helping to make sense out of
the build environment. It includes the ability to view the effective
POM and settings files, after inheritance and active profiles
have been applied, as well as a describe a particular plugin goal to give usage information.
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\plugins\maven-help-plugin\2.2\maven-help-plugin-2.2.jar
MD5: 71ae3f213f69fb6b85ac4891f8d18484
SHA1: c8b771337bbe83860e351d2f594287d94aefc305
Description: Copies the project artifacts to the user's local repository.
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\plugins\maven-install-plugin\2.4\maven-install-plugin-2.4.jar
MD5: f5bb3c264487db208f3fcd71c3208d7d
SHA1: 9d1316166fe4c313f56276935e08df11f45267c2
Description: Copies the project artifacts to the user's local repository.
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\plugins\maven-install-plugin\2.5.2\maven-install-plugin-2.5.2.jar
MD5: 5d888555943fb34ffc35eac586e7747e
SHA1: 8a67631619fc3c1d1f036e59362ddce71e1e496f
Description: Builds a Java Archive (JAR) file from the compiled project classes and resources.
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\plugins\maven-jar-plugin\2.4\maven-jar-plugin-2.4.jar
MD5: 0cdeb5ec79a2135a1eaa4718b087bbb1
SHA1: e3200bcf357b5c5e26df072d27df160546bb079a
Description: Builds a Java Archive (JAR) file from the compiled project classes and resources.
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\plugins\maven-jar-plugin\2.6\maven-jar-plugin-2.6.jar
MD5: a96e43f51ae2520c93e491ff1c89d491
SHA1: 618f08d0fcdd3929af846ef1b65503b5904f93e3
Description: This plugin is used to release a project with Maven, saving a lot of repetitive, manual work.
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\plugins\maven-release-plugin\2.3.2\maven-release-plugin-2.3.2.jar
MD5: 08beb022e4cf36ccad791756c57a6c3b
SHA1: 1bf8cccad0d273db8deb88fe2368c0be96766855
Description:
The Resources Plugin handles the copying of project resources to the output
directory. There are two different kinds of resources: main resources and test resources. The
difference is that the main resources are the resources associated to the main
source code while the test resources are associated to the test source code.
Thus, this allows the separation of resources for the main source code and its
unit tests.
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\plugins\maven-resources-plugin\2.6\maven-resources-plugin-2.6.jar
MD5: e7cc4bbb6888e6c9dd5acdad08cf4bd3
SHA1: dd093ff6a4b680eae7ae83b5ab04310249fc6590
Description:
Repackages the project classes together with their dependencies into a single uber-jar, optionally renaming classes
or removing unused classes.
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\plugins\maven-shade-plugin\2.2\maven-shade-plugin-2.2.jar
MD5: df19051da7ce8de9bc4742d0b1051d21
SHA1: 71450816528f4565b853c6ab2e9d4451fc50e130
Description: The Maven Site Plugin is a plugin that generates a site for the current project.
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\plugins\maven-site-plugin\3.3\maven-site-plugin-3.3.jar
MD5: 0a4bf1cf2f7f6fef8479f5a4efb8f2e3
SHA1: 77ba1752b1ac4c4339d6f11554800960a56a4ae1
Description: The Maven Site Plugin is a plugin that generates a site for the current project.
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\plugins\maven-site-plugin\3.5.1\maven-site-plugin-3.5.1.jar
MD5: d8d82805807d877e5269f195b3809a0b
SHA1: 73b29fa407ee39cc62e80d6edcc4ec8078276408
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\plugins\maven-surefire-plugin\2.12.4\maven-surefire-plugin-2.12.4.jar
MD5: 39e2c062e476ffa7702354dcf3ed5730
SHA1: 2b435f7f77777d2e62354fdc690da3f1dc47a26b
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\plugins\maven-surefire-plugin\2.18.1\maven-surefire-plugin-2.18.1.jar
MD5: 32c355be4424c35f6aab5f6954b06011
SHA1: 402fd3066fd6d85ea4a1a3e7cd82a7e35037e6e8
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\reporting\maven-reporting-api\2.0.6\maven-reporting-api-2.0.6.jar
MD5: 1d29edd74852d0cfc1d65cfa89a68256
SHA1: 29ec352c90968c345b628be6c40ddfb5ec7010a8
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\reporting\maven-reporting-api\2.2.1\maven-reporting-api-2.2.1.jar
MD5: 5e680d893d92086dffd8cc42637ceb0f
SHA1: 61942e490c112f84b3a1a61572d570f369414939
Description: A collection of ready-made filters to control inclusion/exclusion of artifacts during dependency resolution.
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\shared\maven-common-artifact-filters\1.4\maven-common-artifact-filters-1.4.jar
MD5: f349d565d928ff833dd1118ea565810e
SHA1: de97ff2efd804f06c3698a914f2d55205742bcc4
Description: A tree-based API for resolution of Maven project dependencies
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\shared\maven-dependency-tree\2.1\maven-dependency-tree-2.1.jar
MD5: b992f12a1ec7c95d6c5956bbac5b9ffa
SHA1: 29c4d6aeae519809b9af0607156bbdd174efb0bb
Description: A component to assist in filtering of resource files with properties from a Maven project.
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\shared\maven-filtering\1.1\maven-filtering-1.1.jar
MD5: 3b5b0ada45051e5ab5052aecf3edfcc0
SHA1: c223ff4ef9e9b3b51b2c9310dda59527a4b85baf
Description:
Various utility classes and plexus components for supporting
incremental build functionality in maven plugins.
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\shared\maven-shared-incremental\1.1\maven-shared-incremental-1.1.jar
MD5: 8a48e08aa027a7ac33fcc85054512021
SHA1: 9d017a7584086755445c0a260dd9a1e9eae161a5
Description: Shared utils without any further dependencies
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\shared\maven-shared-utils\0.1\maven-shared-utils-0.1.jar
MD5: f3d7be3cea603eeb617655fb1b9df622
SHA1: 5366d4739b5239472598227e80b97ad57f5d95e4
Description: Shared utils without any further dependencies
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\shared\maven-shared-utils\0.7\maven-shared-utils-0.7.jar
MD5: 96ba4884a1c007e9c88cbc300fdada45
SHA1: 0704e679088765e7df5e1ef3eef400c4a061c9ef
Description: Maven Wagon API that defines the contract between different Wagon implementations
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\wagon\wagon-provider-api\1.0-beta-6\wagon-provider-api-1.0-beta-6.jar
MD5: 63826e38e44f08e7935c1d173667ed8c
SHA1: 3f952e0282ae77ae59851d96bb18015e520b6208
Description:
Apache Santuario supports XML-Signature Syntax and Processing,
W3C Recommendation 12 February 2002, and XML Encryption Syntax and
Processing, W3C Recommendation 10 December 2002. As of version 1.4,
the Java library supports the standard Java API JSR-105: XML Digital
Signature APIs.
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\org\apache\santuario\xmlsec\1.4.5\xmlsec-1.4.5.jar
Description:
Apache XML Security for Java supports XML-Signature Syntax and Processing,
W3C Recommendation 12 February 2002, and XML Encryption Syntax and
Processing, W3C Recommendation 10 December 2002. As of version 1.4,
the library supports the standard Java API JSR-105: XML Digital Signature APIs.
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\org\apache\santuario\xmlsec\1.5.4\xmlsec-1.5.4.jar
Severity:
Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors
Apache Santuario XML Security for Java before 1.5.6, when applying Transforms, allows remote attackers to cause a denial of service (memory consumption) via crafted Document Type Definitions (DTDs), related to signatures.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CWE: CWE-310 Cryptographic Issues
jcp/xml/dsig/internal/dom/DOMCanonicalizationMethod.java in Apache Santuario XML Security for Java 1.4.x before 1.4.8 and 1.5.x before 1.5.5 allows context-dependent attackers to spoof an XML Signature by using the CanonicalizationMethod parameter to specify an arbitrary weak "canonicalization algorithm to apply to the SignedInfo part of the Signature."
Vulnerable Software & Versions: (show all)
Description:
Apache XML Security for Java supports XML-Signature Syntax and Processing,
W3C Recommendation 12 February 2002, and XML Encryption Syntax and
Processing, W3C Recommendation 10 December 2002. As of version 1.4,
the library supports the standard Java API JSR-105: XML Digital Signature APIs.
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\org\apache\santuario\xmlsec\1.5.6\xmlsec-1.5.6.jar
Description:
Apache XML Security for Java supports XML-Signature Syntax and Processing,
W3C Recommendation 12 February 2002, and XML Encryption Syntax and
Processing, W3C Recommendation 10 December 2002. As of version 1.4,
the library supports the standard Java API JSR-105: XML Digital Signature APIs.
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\org\apache\santuario\xmlsec\2.0.7\xmlsec-2.0.7.jar
Description: Apache Solr Solrj
File Path: C:\Users\Tamara\.m2\repository\org\apache\solr\solr-solrj\5.5.4\solr-solrj-5.5.4.jar
MD5: 0843db89c8e0b5aac990b9f9f2fed14a
SHA1: 0b6a9482376946fd1c0314d9e2de97fe830c651e
Description: Core Tomcat implementation
License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\org\apache\tomcat\embed\tomcat-embed-core\8.5.14\tomcat-embed-core-8.5.14.jar
Severity:
Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CWE: CWE-19 Data Handling
It was discovered that a programming error in the processing of HTTPS requests in the Apache Tomcat servlet and JSP engine may result in denial of service via an infinite loop. The denial of service is easily achievable as a consequence of backporting a CVE-2016-6816 fix but not backporting the fix for Tomcat bug 57544. Distributions affected by this backporting issue include Debian (before 7.0.56-3+deb8u8 and 8.0.14-1+deb8u7 in jessie) and Ubuntu.
Vulnerable Software & Versions:
Severity:
Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:P/A:N)
CWE: CWE-254 Security Features
The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the original request and response are forwarded to the error page. This means that the request is presented to the error page with the original HTTP method. If the error page is a static file, expected behaviour is to serve content of the file as if processing a GET request, regardless of the actual HTTP method. The Default Servlet in Apache Tomcat 9.0.0.M1 to 9.0.0.M20, 8.5.0 to 8.5.14, 8.0.0.RC1 to 8.0.43 and 7.0.0 to 7.0.77 did not do this. Depending on the original request this could lead to unexpected and undesirable results for static error pages including, if the DefaultServlet is configured to permit writes, the replacement or removal of the custom error page. Notes for other user provided error pages: (1) Unless explicitly coded otherwise, JSPs ignore the the HTTP method. JSPs used as error pages must must ensure that they handle any error dispatch as a GET request, regardless of the actual method. (2) By default, the response generated by a Servlet does depend on the HTTP method. Custom Servlets used as error pages must ensure that they handle any error dispatch as a GET request, regardless of the actual method.
Vulnerable Software & Versions: (show all)
Severity:
High
CVSS Score: 7.2 (AV:L/AC:L/Au:N/C:C/I:C/A:C)
CWE: CWE-264 Permissions, Privileges, and Access Controls
The Tomcat package on Red Hat Enterprise Linux (RHEL) 5 through 7, JBoss Web Server 3.0, and JBoss EWS 2 uses weak permissions for (1) /etc/sysconfig/tomcat and (2) /etc/tomcat/tomcat.conf, which allows local users to gain privileges by leveraging membership in the tomcat group.
Vulnerable Software & Versions:
Severity:
High
CVSS Score: 7.2 (AV:L/AC:L/Au:N/C:C/I:C/A:C)
CWE: CWE-264 Permissions, Privileges, and Access Controls
The Tomcat package on Red Hat Enterprise Linux (RHEL) 7, Fedora, CentOS, Oracle Linux, and possibly other Linux distributions uses weak permissions for /usr/lib/tmpfiles.d/tomcat.conf, which allows local users to gain root privileges by leveraging membership in the tomcat group.
Vulnerable Software & Versions:
Description: Core Tomcat implementation
License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\org\apache\tomcat\embed\tomcat-embed-core\8.5.15\tomcat-embed-core-8.5.15.jar
Severity:
Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CWE: CWE-19 Data Handling
It was discovered that a programming error in the processing of HTTPS requests in the Apache Tomcat servlet and JSP engine may result in denial of service via an infinite loop. The denial of service is easily achievable as a consequence of backporting a CVE-2016-6816 fix but not backporting the fix for Tomcat bug 57544. Distributions affected by this backporting issue include Debian (before 7.0.56-3+deb8u8 and 8.0.14-1+deb8u7 in jessie) and Ubuntu.
Vulnerable Software & Versions:
Severity:
High
CVSS Score: 7.2 (AV:L/AC:L/Au:N/C:C/I:C/A:C)
CWE: CWE-264 Permissions, Privileges, and Access Controls
The Tomcat package on Red Hat Enterprise Linux (RHEL) 5 through 7, JBoss Web Server 3.0, and JBoss EWS 2 uses weak permissions for (1) /etc/sysconfig/tomcat and (2) /etc/tomcat/tomcat.conf, which allows local users to gain privileges by leveraging membership in the tomcat group.
Vulnerable Software & Versions:
Severity:
High
CVSS Score: 7.2 (AV:L/AC:L/Au:N/C:C/I:C/A:C)
CWE: CWE-264 Permissions, Privileges, and Access Controls
The Tomcat package on Red Hat Enterprise Linux (RHEL) 7, Fedora, CentOS, Oracle Linux, and possibly other Linux distributions uses weak permissions for /usr/lib/tmpfiles.d/tomcat.conf, which allows local users to gain root privileges by leveraging membership in the tomcat group.
Vulnerable Software & Versions:
Description: Core Tomcat implementation
License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\org\apache\tomcat\embed\tomcat-embed-el\8.5.14\tomcat-embed-el-8.5.14.jar
Description: Core Tomcat implementation
License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\org\apache\tomcat\embed\tomcat-embed-el\8.5.15\tomcat-embed-el-8.5.15.jar
Description: Tomcat JDBC Pool Package
License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\org\apache\tomcat\tomcat-jdbc\8.5.14\tomcat-jdbc-8.5.14.jar
Description: Tomcat JDBC Pool Package
License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\org\apache\tomcat\tomcat-jdbc\8.5.15\tomcat-jdbc-8.5.15.jar
Description: Tomcat Core Logging Package
License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\org\apache\tomcat\tomcat-juli\8.5.14\tomcat-juli-8.5.14.jar
Description: Tomcat Core Logging Package
License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\org\apache\tomcat\tomcat-juli\8.5.15\tomcat-juli-8.5.15.jar
Description: Commons XMLSchema is a light weight schema object model that can be used to manipulate or
generate XML schema.
License:
http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\org\apache\ws\xmlschema\xmlschema-core\2.2.1\xmlschema-core-2.2.1.jar
Description: XBean is a plugin based server architecture.
License:
http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\org\apache\xbean\xbean-reflect\3.4\xbean-reflect-3.4.jar
License:
http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\org\apache\zookeeper\zookeeper\3.4.6\zookeeper-3.4.6.jar
Severity:
Medium
CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Buffer overflow in the C cli shell in Apache Zookeeper before 3.4.9 and 3.5.x before 3.5.3, when using the "cmd:" batch mode syntax, allows attackers to have unspecified impact via a long command string.
Vulnerable Software & Versions: (show all)
Severity:
Low
CVSS Score: 2.1 (AV:L/AC:L/Au:N/C:P/I:N/A:N)
CWE: CWE-255 Credentials Management
Apache Zookeeper logs cleartext admin passwords, which allows local users to obtain sensitive information by reading the log.
Vulnerable Software & Versions: (show all)
Description: The AspectJ weaver introduces advices to java classes
License:
Eclipse Public License - v 1.0: http://www.eclipse.org/legal/epl-v10.htmlFile Path: C:\Users\Tamara\.m2\repository\org\aspectj\aspectjweaver\1.8.10\aspectjweaver-1.8.10.jar
Description: Rich and fluent assertions for testing
License:
http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\org\assertj\assertj-core\2.6.0\assertj-core-2.6.0.jar
Description: The Bouncy Castle Crypto package is a Java implementation of cryptographic algorithms. This jar contains JCE provider and lightweight API for the Bouncy Castle Cryptography APIs for JDK 1.5 to JDK 1.8.
License:
Bouncy Castle Licence: http://www.bouncycastle.org/licence.htmlFile Path: C:\Users\Tamara\.m2\repository\org\bouncycastle\bcprov-jdk15on\1.54\bcprov-jdk15on-1.54.jar
Description: This plugin contains various small independent goals to assist with Maven build lifecycle
License:
The MIT License: http://www.opensource.org/licenses/mit-license.phpFile Path: C:\Users\Tamara\.m2\repository\org\codehaus\mojo\build-helper-maven-plugin\1.10\build-helper-maven-plugin-1.10.jar
Description: Mojo's JAXB-2 Maven plugin is used to create an object graph from XSDs based on the JAXB 2.1 implementation and to generate XSDs from JAXB annotated Java classes.
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\org\codehaus\mojo\jaxb2-maven-plugin\1.6\jaxb2-maven-plugin-1.6.jar
Description: A plugin for various XML related tasks like validation, transformation, and the like.
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\org\codehaus\mojo\xml-maven-plugin\1.0\xml-maven-plugin-1.0.jar
File Path: C:\Users\Tamara\.m2\repository\org\codehaus\plexus\plexus-archiver\2.8.1\plexus-archiver-2.8.1.jar
MD5: 82e179bd11b1f06339b1f70b46ecb735
SHA1: 303776b3f932488380e34fe43b51ab1bbd717b8a
Description: A class loader framework
File Path: C:\Users\Tamara\.m2\repository\org\codehaus\plexus\plexus-classworlds\2.2.2\plexus-classworlds-2.2.2.jar
MD5: a7d552779645c1f7368fdaef3401c9cc
SHA1: 3a2bad2b58c1ca765d3f471cea8c1655d70fdfd9
Description: A class loader framework
License:
http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\org\codehaus\plexus\plexus-classworlds\2.5.1\plexus-classworlds-2.5.1.jar
Description: Plexus Compilers component's API to manipulate compilers.
File Path: C:\Users\Tamara\.m2\repository\org\codehaus\plexus\plexus-compiler-api\1.9.1\plexus-compiler-api-1.9.1.jar
MD5: bba33a2a4446ccec027f3a3a8304dc2b
SHA1: 6615c34ced74106ee4561f76a093b59ea7fc52b9
Description: Plexus Compilers component's API to manipulate compilers.
File Path: C:\Users\Tamara\.m2\repository\org\codehaus\plexus\plexus-compiler-api\2.2\plexus-compiler-api-2.2.jar
MD5: 085672a9fff1b6006f1dc6b44260a2b1
SHA1: e9fe39d3b428df50637cccd434b414192e833754
Description: Javac Compiler support for Plexus Compiler component.
File Path: C:\Users\Tamara\.m2\repository\org\codehaus\plexus\plexus-compiler-javac\2.2\plexus-compiler-javac-2.2.jar
MD5: 806ac3c657d8eae839a6a126f3c107d5
SHA1: 2f3de65bca1d5e6198d3839510a876b29af7b6fd
File Path: C:\Users\Tamara\.m2\repository\org\codehaus\plexus\plexus-compiler-manager\2.2\plexus-compiler-manager-2.2.jar
MD5: 1ac53eb22fb4c832e3b1f9d98d9db229
SHA1: e65c11400242a7a082f9f0d12ffec13dc26ab4c0
Description:
Plexus Component "Java 5" Annotations, to describe plexus components properties in java sources with
standard annotations instead of javadoc annotations.
File Path: C:\Users\Tamara\.m2\repository\org\codehaus\plexus\plexus-component-annotations\1.5.5\plexus-component-annotations-1.5.5.jar
MD5: ef37dcdb84030422db428b63c4354e5b
SHA1: c72f2660d0cbed24246ddb55d7fdc4f7374d2078
File Path: C:\Users\Tamara\.m2\repository\org\codehaus\plexus\plexus-container-default\1.0-alpha-9-stable-1\plexus-container-default-1.0-alpha-9-stable-1.jar
MD5: 99533a9d3e0fa3280cd0bd3426c5f99b
SHA1: 94aea3010e250a334d9dab7f591114cd6c767458
Description:
The Plexus IoC container API and its default implementation.
File Path: C:\Users\Tamara\.m2\repository\org\codehaus\plexus\plexus-container-default\1.5.5\plexus-container-default-1.5.5.jar
MD5: 9207a5b343b0cb5d22b09f41e87fce00
SHA1: 0265fa2851d31c2e2177859a518987595efe146b
File Path: C:\Users\Tamara\.m2\repository\org\codehaus\plexus\plexus-interactivity-api\1.0-alpha-4\plexus-interactivity-api-1.0-alpha-4.jar
MD5: c8ce4cfd3b7b6419c00dcb780a6eb603
SHA1: 0a8f1178664a5457eef3f4531eb62f9505e1295f
File Path: C:\Users\Tamara\.m2\repository\org\codehaus\plexus\plexus-interpolation\1.11\plexus-interpolation-1.11.jar
MD5: d5ef768cef9a261d569ff1f672324154
SHA1: ad9dddff6043194904ad1d2c00ff1d003c3915f7
File Path: C:\Users\Tamara\.m2\repository\org\codehaus\plexus\plexus-interpolation\1.13\plexus-interpolation-1.13.jar
MD5: 5c73687acbbe51f07d3b563fd1c656b1
SHA1: 1740038076cec1946fd28ed5ac5c1688f7cf7630
File Path: C:\Users\Tamara\.m2\repository\org\codehaus\plexus\plexus-interpolation\1.21\plexus-interpolation-1.21.jar
MD5: 6629656495f4e5eac4f244fe3b252ea1
SHA1: f92de59d295f16868001644acc21720f3ec9eb15
File Path: C:\Users\Tamara\.m2\repository\org\codehaus\plexus\plexus-io\2.3.2\plexus-io-2.3.2.jar
MD5: fa24d683566cea401900b7e6623ad47e
SHA1: 092039985681333499e44f032887b6e340816a1d
File Path: C:\Users\Tamara\.m2\repository\org\codehaus\plexus\plexus-utils\1.5.1\plexus-utils-1.5.1.jar
MD5: 2a666534a425add50d017d4aa06a6fca
SHA1: 342d1eb41a2bc7b52fa2e54e9872463fc86e2650
Description: A collection of various utility classes to ease working with strings, files, command lines, XML and more.
File Path: C:\Users\Tamara\.m2\repository\org\codehaus\plexus\plexus-utils\2.0.5\plexus-utils-2.0.5.jar
MD5: 2cdd259db323d528c7c4ee7dfb1c6d4d
SHA1: 7841ba10ea46c9611ce702c3833ff9fccc8ae6eb
Description: A collection of various utility classes to ease working with strings, files, command lines, XML and
more.
File Path: C:\Users\Tamara\.m2\repository\org\codehaus\plexus\plexus-utils\3.0.16\plexus-utils-3.0.16.jar
MD5: 226f7eebd4492d83cf5b5a613874dad2
SHA1: c0088b2d0d7a21955a874e88612e0fd461ef5407
Description: A collection of various utility classes to ease working with strings, files, command lines, XML and
more.
File Path: C:\Users\Tamara\.m2\repository\org\codehaus\plexus\plexus-utils\3.0.20\plexus-utils-3.0.20.jar
MD5: 938c786f2aca49b44b0cbfd39db51c5a
SHA1: e121ed37af8ee3928952f6d8a303de24e019aab0
Description: tax2 API is an extension to basic Stax 1.0 API that adds significant new functionality, such as full-featured bi-direction validation interface and high-performance Typed Access API.
License:
The BSD License: http://www.opensource.org/licenses/bsd-license.phpFile Path: C:\Users\Tamara\.m2\repository\org\codehaus\woodstox\stax2-api\3.1.4\stax2-api-3.1.4.jar
Description: Woodstox is a high-performance XML processor that
implements Stax (JSR-173) and SAX2 APIs
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\org\codehaus\woodstox\woodstox-core-asl\4.4.1\woodstox-core-asl-4.4.1.jar
Description:
The application programming interface for the repository system.
License:
http://www.eclipse.org/legal/epl-v10.htmlFile Path: C:\Users\Tamara\.m2\repository\org\eclipse\aether\aether-api\1.0.2.v20150114\aether-api-1.0.2.v20150114.jar
Description:
An implementation of the repository system.
License:
http://www.eclipse.org/legal/epl-v10.htmlFile Path: C:\Users\Tamara\.m2\repository\org\eclipse\aether\aether-impl\1.0.2.v20150114\aether-impl-1.0.2.v20150114.jar
Description:
The service provider interface for repository system implementations and repository connectors.
License:
http://www.eclipse.org/legal/epl-v10.htmlFile Path: C:\Users\Tamara\.m2\repository\org\eclipse\aether\aether-spi\1.0.2.v20150114\aether-spi-1.0.2.v20150114.jar
Description:
A collection of utility classes to ease usage of the repository system.
License:
http://www.eclipse.org/legal/epl-v10.htmlFile Path: C:\Users\Tamara\.m2\repository\org\eclipse\aether\aether-util\1.0.2.v20150114\aether-util-1.0.2.v20150114.jar
License:
http://www.eclipse.org/legal/epl-v10.htmlFile Path: C:\Users\Tamara\.m2\repository\org\eclipse\sisu\org.eclipse.sisu.inject\0.0.0.M5\org.eclipse.sisu.inject-0.0.0.M5.jar
License:
http://www.eclipse.org/legal/epl-v10.htmlFile Path: C:\Users\Tamara\.m2\repository\org\eclipse\sisu\org.eclipse.sisu.plexus\0.0.0.M5\org.eclipse.sisu.plexus-0.0.0.M5.jar
Description:
This is the core API of hamcrest matcher framework to be used by third-party framework providers. This includes the a foundation set of matcher implementations for common operations.
File Path: C:\Users\Tamara\.m2\repository\org\hamcrest\hamcrest-core\1.3\hamcrest-core-1.3.jar
MD5: 6393363b47ddcbba82321110c3e07519
SHA1: 42a25dc3219429f0e5d060061f71acb49bf010a0
Description:
Hamcrest library of matcher implementations.
File Path: C:\Users\Tamara\.m2\repository\org\hamcrest\hamcrest-library\1.3\hamcrest-library-1.3.jar
MD5: 110ad2ea84f7031a1798648b6b318e79
SHA1: 4785a3c21320980282f9f33d0d1264a69040538f
Description: Common reflection code used in support of annotation processing
License:
GNU Lesser General Public License: http://www.gnu.org/licenses/lgpl-2.1.htmlFile Path: C:\Users\Tamara\.m2\repository\org\hibernate\common\hibernate-commons-annotations\5.0.1.Final\hibernate-commons-annotations-5.0.1.Final.jar
Description: The core O/RM functionality as provided by Hibernate
License:
GNU Lesser General Public License: http://www.gnu.org/licenses/lgpl-2.1.htmlFile Path: C:\Users\Tamara\.m2\repository\org\hibernate\hibernate-core\5.0.12.Final\hibernate-core-5.0.12.Final.jar
Description: Hibernate O/RM implementation of the JPA specification
License:
GNU Lesser General Public License: http://www.gnu.org/licenses/lgpl-2.1.htmlFile Path: C:\Users\Tamara\.m2\repository\org\hibernate\hibernate-entitymanager\5.0.12.Final\hibernate-entitymanager-5.0.12.Final.jar
Description: Hibernate's Bean Validation (JSR-303) reference implementation.
License:
http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\org\hibernate\hibernate-validator\5.3.5.Final\hibernate-validator-5.3.5.Final.jar
Description: Clean-room definition of JPA APIs intended for use in developing Hibernate JPA implementation. See README.md for details
License:
Eclipse Public License (EPL), Version 1.0: http://www.eclipse.org/legal/epl-v10.html Eclipse Distribution License (EDL), Version 1.0: http://www.eclipse.org/org/documents/edl-v10.phpFile Path: C:\Users\Tamara\.m2\repository\org\hibernate\javax\persistence\hibernate-jpa-2.1-api\1.0.0.Final\hibernate-jpa-2.1-api-1.0.0.Final.jar
Description: Java library which enables encryption in java apps with minimum effort.
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\org\jasypt\jasypt\1.9.2\jasypt-1.9.2.jar
Description:
Javassist (JAVA programming ASSISTant) makes Java bytecode manipulation
simple. It is a class library for editing bytecodes in Java.
License:
MPL 1.1: http://www.mozilla.org/MPL/MPL-1.1.html LGPL 2.1: http://www.gnu.org/licenses/lgpl-2.1.html Apache License 2.0: http://www.apache.org/licenses/File Path: C:\Users\Tamara\.m2\repository\org\javassist\javassist\3.21.0-GA\javassist-3.21.0-GA.jar
Description: Parent POM for JBoss projects. Provides default project build configuration.
License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\org\jboss\jandex\2.0.0.Final\jandex-2.0.0.Final.jar
Description: The JBoss Logging Framework
License:
Apache License, version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\org\jboss\logging\jboss-logging\3.3.1.Final\jboss-logging-3.3.1.Final.jar
Description:
JDOM is, quite simply, a Java representation of an XML document. JDOM provides a way to represent that document for
easy and efficient reading, manipulation, and writing. It has a straightforward API, is a lightweight and fast, and
is optimized for the Java programmer. It's an alternative to DOM and SAX, although it integrates well with both DOM
and SAX.
File Path: C:\Users\Tamara\.m2\repository\org\jdom\jdom\1.1\jdom-1.1.jar
MD5: adf67fc5dcf48e1593640ad7e02f6ad4
SHA1: 1d04c0f321ea337f3661cf7ede8f4c6f653a8fdd
Description: Mock objects library for java
License:
The MIT License: http://github.com/mockito/mockito/blob/master/LICENSEFile Path: C:\Users\Tamara\.m2\repository\org\mockito\mockito-core\1.10.19\mockito-core-1.10.19.jar
Description: Noggit is the world's fastest streaming JSON parser for Java.
License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\org\noggit\noggit\0.6\noggit-0.6.jar
Description: A library for instantiating Java objects
License:
http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\org\objenesis\objenesis\2.1\objenesis-2.1.jar
File Path: C:\Users\Tamara\.m2\repository\org\ow2\asm\asm\5.0.3\asm-5.0.3.jar
MD5: ccebee99fb8cdd50e1967680a2eac0ba
SHA1: dcc2193db20e19e1feca8b1240dbbc4e190824fa
Description: dependency-check-maven is a Maven Plugin that uses dependency-check-core to detect publicly disclosed vulnerabilities associated with the project's dependencies. The plugin will generate a report listing the dependency, any identified Common Platform Enumeration (CPE) identifiers, and the associated Common Vulnerability and Exposure (CVE) entries.
File Path: C:\Users\Tamara\.m2\repository\org\owasp\dependency-check-maven\1.4.5\dependency-check-maven-1.4.5.jar
MD5: d44dbd782c52e7f87c1c90bdb74d810c
SHA1: ae387c8e4c8297d3fe9cf0f1915f2cf1eb0470bf
Description: A library to develop RESTful but flexible APIs
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\org\skyscreamer\jsonassert\1.4.0\jsonassert-1.4.0.jar
Description:
JCL 1.1.1 implementation over SLF4J
File Path: C:\Users\Tamara\.m2\repository\org\slf4j\jcl-over-slf4j\1.5.6\jcl-over-slf4j-1.5.6.jar
MD5: 4ab274630492c6896f1eb88023af3c07
SHA1: 629680940b7dcb02c3904deb85992b462c42e272
Description: JCL 1.2 implemented over SLF4J
File Path: C:\Users\Tamara\.m2\repository\org\slf4j\jcl-over-slf4j\1.7.25\jcl-over-slf4j-1.7.25.jar
MD5: 56b22adc639b09b2e917f42d68b26600
SHA1: f8c32b13ff142a513eeb5b6330b1588dcb2c0461
Description: JUL to SLF4J bridge
File Path: C:\Users\Tamara\.m2\repository\org\slf4j\jul-to-slf4j\1.7.25\jul-to-slf4j-1.7.25.jar
MD5: ab28124cb05fec600f2ffe37b94629e0
SHA1: 0af5364cd6679bfffb114f0dec8a157aaa283b76
Description: Log4j implemented over SLF4J
License:
Apache Software Licenses: http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\org\slf4j\log4j-over-slf4j\1.7.25\log4j-over-slf4j-1.7.25.jar
Description: The slf4j API
File Path: C:\Users\Tamara\.m2\repository\org\slf4j\slf4j-api\1.5.6\slf4j-api-1.5.6.jar
MD5: ca55c6dae5d0f9a8a829720408918586
SHA1: ec9b7142625dfa1dcaf22db99ecb7c555ffa714d
Description: The slf4j API
File Path: C:\Users\Tamara\.m2\repository\org\slf4j\slf4j-api\1.7.25\slf4j-api-1.7.25.jar
MD5: caafe376afb7086dcbee79f780394ca3
SHA1: da76ca59f6a57ee3102f8f9bd9cee742973efa8a
Description:
The slf4j JDK14 binding
File Path: C:\Users\Tamara\.m2\repository\org\slf4j\slf4j-jdk14\1.5.6\slf4j-jdk14-1.5.6.jar
MD5: bca9b637bc7d0f99cd1f3dc16cb91039
SHA1: cc383fbd07dd1826bbcba1b907bbdc0b5be627f1
File Path: C:\Users\Tamara\.m2\repository\org\sonatype\plexus\plexus-build-api\0.0.4\plexus-build-api-0.0.4.jar
MD5: 13d7fef2a986970e589f5ea1019dc05f
SHA1: 8fdcf45c2fad3052a51385fdfc79753d9124a1a7
File Path: C:\Users\Tamara\.m2\repository\org\sonatype\plexus\plexus-build-api\0.0.7\plexus-build-api-0.0.7.jar
MD5: 49f0f8c6bdf2687e358870a4fc1559c6
SHA1: e6ba5cd4bfd8de00235af936e7f63eb24ed436e6
File Path: C:\Users\Tamara\.m2\repository\org\sonatype\plexus\plexus-cipher\1.4\plexus-cipher-1.4.jar
MD5: 7b2d6fcf0d5800d5b1ce09d98d98dcaf
SHA1: 50ade46f23bb38cd984b4ec560c46223432aac38
File Path: C:\Users\Tamara\.m2\repository\org\sonatype\plexus\plexus-sec-dispatcher\1.3\plexus-sec-dispatcher-1.3.jar
MD5: 53160199f5667de3fca69b723173639b
SHA1: dedc02034fb8fcd7615d66593228cb71709134b4
Description: Guice trunk with some patches applied for Sisu
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\org\sonatype\sisu\sisu-guice\2.1.7\sisu-guice-2.1.7-noaop.jar
Description: Patched build of Guice: a lightweight dependency injection framework for Java 5 and above
License:
http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\org\sonatype\sisu\sisu-guice\3.1.0\sisu-guice-3.1.0-no_aop.jar
License:
http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\org\sonatype\sisu\sisu-inject-bean\1.4.2\sisu-inject-bean-1.4.2.jar
License:
http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\org\sonatype\sisu\sisu-inject-plexus\1.4.2\sisu-inject-plexus-1.4.2.jar
Description: Spring Boot AutoConfigure
File Path: C:\Users\Tamara\.m2\repository\org\springframework\boot\spring-boot-autoconfigure\1.5.3.RELEASE\spring-boot-autoconfigure-1.5.3.RELEASE.jar
MD5: ed9fd89f47a140124a5e2b6d07517dd9
SHA1: b2b4d4a704f039bf22787cc412b1dd34741821fc
Description: Spring Boot AutoConfigure
File Path: C:\Users\Tamara\.m2\repository\org\springframework\boot\spring-boot-autoconfigure\1.5.4.RELEASE\spring-boot-autoconfigure-1.5.4.RELEASE.jar
MD5: 03bc3a0621cf24d122079d650a9c0eb2
SHA1: 5591fa7358d950f374532c7d92dccf113ebfa1bb
Description: Spring Boot Developer Tools
File Path: C:\Users\Tamara\.m2\repository\org\springframework\boot\spring-boot-devtools\1.5.4.RELEASE\spring-boot-devtools-1.5.4.RELEASE.jar
MD5: 0600dca4dcf6aefbfb0eb121dd5d0168
SHA1: a2529c5831fef1338f56bb894a2d85e195923ad6
Description: Spring Boot Loader Tools
File Path: C:\Users\Tamara\.m2\repository\org\springframework\boot\spring-boot-loader-tools\1.5.4.RELEASE\spring-boot-loader-tools-1.5.4.RELEASE.jar
MD5: cd6c632f5f9e5d4b4aa1317f4d4ed39d
SHA1: 0067ba8d60de0aa7633e8b9a50eb11a83d69f944
Description: Spring Boot Loader
File Path: C:\Users\Tamara\.m2\repository\org\springframework\boot\spring-boot-loader-tools\1.5.4.RELEASE\spring-boot-loader-tools-1.5.4.RELEASE.jar\META-INF\loader\spring-boot-loader.jar
MD5: fa8b54f23b4e0b2e39f382f11196caca
SHA1: dd3a8fedbe790b8696269ead179521c972608ecc
Description: Spring Boot Maven Plugin
File Path: C:\Users\Tamara\.m2\repository\org\springframework\boot\spring-boot-maven-plugin\1.5.3.RELEASE\spring-boot-maven-plugin-1.5.3.RELEASE.jar
MD5: f75707b9c22e3e6c9851dcd2c6b24280
SHA1: f731986a4462809c58c6c98a09658b84a17c5d97
Description: Spring Boot Maven Plugin
File Path: C:\Users\Tamara\.m2\repository\org\springframework\boot\spring-boot-maven-plugin\1.5.4.RELEASE\spring-boot-maven-plugin-1.5.4.RELEASE.jar
MD5: 4ab65f6a9b2777568c8e723011b567d8
SHA1: cd1d8ac8cb32f40a3da4ad87690d930afd1f43e1
Description: Starter for aspect-oriented programming with Spring AOP and AspectJ
File Path: C:\Users\Tamara\.m2\repository\org\springframework\boot\spring-boot-starter-aop\1.5.3.RELEASE\spring-boot-starter-aop-1.5.3.RELEASE.jar
MD5: 09eb38091a05ca1cfd3e3bbd2bf2802c
SHA1: 7e75f8ddc608c7aecf944b90888a18c884178371
Description: Starter for aspect-oriented programming with Spring AOP and AspectJ
File Path: C:\Users\Tamara\.m2\repository\org\springframework\boot\spring-boot-starter-aop\1.5.4.RELEASE\spring-boot-starter-aop-1.5.4.RELEASE.jar
MD5: 3991fdf97135ae47e59c9596cba0f7ee
SHA1: 1650672554abd364c728de5ce1aba7c28181968c
Description: Starter for using Spring Data JPA with Hibernate
File Path: C:\Users\Tamara\.m2\repository\org\springframework\boot\spring-boot-starter-data-jpa\1.5.3.RELEASE\spring-boot-starter-data-jpa-1.5.3.RELEASE.jar
MD5: b1947aa4964379985683f4ca915eafd1
SHA1: 67f1d0cc0fdeb20595c54ce3340f048fe3b6f67f
Severity:
Medium
CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
CWE: CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
SQL injection vulnerability in Pivotal Spring Data JPA before 1.9.6 (Gosling SR6) and 1.10.x before 1.10.4 (Hopper SR4), when used with a repository that defines a String query using the @Query annotation, allows attackers to execute arbitrary JPQL commands via a sort instance with a function call.
Vulnerable Software & Versions: (show all)
Description: Starter for using Spring Data JPA with Hibernate
File Path: C:\Users\Tamara\.m2\repository\org\springframework\boot\spring-boot-starter-data-jpa\1.5.4.RELEASE\spring-boot-starter-data-jpa-1.5.4.RELEASE.jar
MD5: 5b50af16091032478618490e17f76d49
SHA1: 61bafdbd6d31e67b024c432de34a19b35e46c062
Severity:
Medium
CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
CWE: CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
SQL injection vulnerability in Pivotal Spring Data JPA before 1.9.6 (Gosling SR6) and 1.10.x before 1.10.4 (Hopper SR4), when used with a repository that defines a String query using the @Query annotation, allows attackers to execute arbitrary JPQL commands via a sort instance with a function call.
Vulnerable Software & Versions: (show all)
Description: Starter for using the Apache Solr search platform with Spring Data
Solr
File Path: C:\Users\Tamara\.m2\repository\org\springframework\boot\spring-boot-starter-data-solr\1.5.4.RELEASE\spring-boot-starter-data-solr-1.5.4.RELEASE.jar
MD5: 4ac0e9bf7edf85e6e7ac2807685ecd3f
SHA1: f36965eabc75b0c000bc1196b3853ebafab222aa
Severity:
Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site scripting (XSS) vulnerability in webapp/web/js/scripts/plugins.js in the stats page in the Admin UI in Apache Solr before 5.3.1 allows remote attackers to inject arbitrary web script or HTML via the entry parameter to a plugins/cache URI.
Vulnerable Software & Versions:
Severity:
Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site scripting (XSS) vulnerability in webapp/web/js/scripts/schema-browser.js in the Admin UI in Apache Solr before 5.3 allows remote attackers to inject arbitrary web script or HTML via a crafted schema-browse URL.
Vulnerable Software & Versions:
Severity:
Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Multiple cross-site scripting (XSS) vulnerabilities in the Admin UI in Apache Solr before 5.1 allow remote attackers to inject arbitrary web script or HTML via crafted fields that are mishandled during the rendering of the (1) Analysis page, related to webapp/web/js/scripts/analysis.js or (2) Schema-Browser page, related to webapp/web/js/scripts/schema-browser.js.
Vulnerable Software & Versions:
Severity:
Medium
CVSS Score: 6.4 (AV:N/AC:L/Au:N/C:P/I:N/A:P)
The DocumentAnalysisRequestHandler in Apache Solr before 4.3.1 does not properly use the EmptyEntityResolver, which allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-6407.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 6.4 (AV:N/AC:L/Au:N/C:P/I:N/A:P)
The UpdateRequestHandler for XML in Apache Solr before 4.1 allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
Vulnerable Software & Versions: (show all)
Severity:
Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)
CWE: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Directory traversal vulnerability in SolrResourceLoader in Apache Solr before 4.6 allows remote attackers to read arbitrary files via a .. (dot dot) or full pathname in the tr parameter to solr/select/, when the response writer (wt parameter) is set to XSLT. NOTE: this can be leveraged using a separate XXE (XML eXternal Entity) vulnerability to allow access to files across restricted network boundaries.
Vulnerable Software & Versions: (show all)
Severity:
High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
The (1) UpdateRequestHandler for XSLT or (2) XPathEntityProcessor in Apache Solr before 4.1 allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, different vectors than CVE-2013-6407.
Vulnerable Software & Versions: (show all)
Description: Starter for using JDBC with the Tomcat JDBC connection pool
File Path: C:\Users\Tamara\.m2\repository\org\springframework\boot\spring-boot-starter-jdbc\1.5.3.RELEASE\spring-boot-starter-jdbc-1.5.3.RELEASE.jar
MD5: a84774d638e02f02389da93edb7f69ff
SHA1: 8f1cdf7364558dd808e575c5815dd1ceaa99bcc5
Description: Starter for using JDBC with the Tomcat JDBC connection pool
File Path: C:\Users\Tamara\.m2\repository\org\springframework\boot\spring-boot-starter-jdbc\1.5.4.RELEASE\spring-boot-starter-jdbc-1.5.4.RELEASE.jar
MD5: f4ca7c9862490fa320f185f640be3ebb
SHA1: 587ab04faeaeb2cbec0adf8fba68ee278d2c8764
Description: Starter for logging using Logback. Default logging starter
File Path: C:\Users\Tamara\.m2\repository\org\springframework\boot\spring-boot-starter-logging\1.5.3.RELEASE\spring-boot-starter-logging-1.5.3.RELEASE.jar
MD5: 4fdfab90d61678a550e75ba40b2d080e
SHA1: ae7f1d938755553b228dd7a7f98aebb0a683c099
Description: Starter for logging using Logback. Default logging starter
File Path: C:\Users\Tamara\.m2\repository\org\springframework\boot\spring-boot-starter-logging\1.5.4.RELEASE\spring-boot-starter-logging-1.5.4.RELEASE.jar
MD5: e2c9cd832a5632a8f828aa83b40715d0
SHA1: 6b4364cfee82890ce9a9c2c59066f3a6e525debd
Description: Starter for testing Spring Boot applications with libraries including
JUnit, Hamcrest and Mockito
File Path: C:\Users\Tamara\.m2\repository\org\springframework\boot\spring-boot-starter-test\1.5.3.RELEASE\spring-boot-starter-test-1.5.3.RELEASE.jar
MD5: 7ef4b12d43a48dce7b86854f8de6ed82
SHA1: c04072c6637e9a7798ef152dc04581d2644b56ed
Description: Starter for testing Spring Boot applications with libraries including
JUnit, Hamcrest and Mockito
File Path: C:\Users\Tamara\.m2\repository\org\springframework\boot\spring-boot-starter-test\1.5.4.RELEASE\spring-boot-starter-test-1.5.4.RELEASE.jar
MD5: eef18cfdd1f1ec6bbf64ed6624c6a546
SHA1: a764033c4be6e73310a6b12604a37c20d3bd0176
Description: Starter for using Tomcat as the embedded servlet container. Default
servlet container starter used by spring-boot-starter-web
File Path: C:\Users\Tamara\.m2\repository\org\springframework\boot\spring-boot-starter-tomcat\1.5.3.RELEASE\spring-boot-starter-tomcat-1.5.3.RELEASE.jar
MD5: 4c04660aad3543b38622a2f66e4591a1
SHA1: 1b71416805e0bbf6885ee65aae440adbad0afe60
Description: Starter for using Tomcat as the embedded servlet container. Default
servlet container starter used by spring-boot-starter-web
File Path: C:\Users\Tamara\.m2\repository\org\springframework\boot\spring-boot-starter-tomcat\1.5.4.RELEASE\spring-boot-starter-tomcat-1.5.4.RELEASE.jar
MD5: c3d5f760fff60f059d2b377158e7d0c0
SHA1: d7e26f1d0e594bd1aab7da227649fc12c1958416
Description: Starter for using Spring Web Services
File Path: C:\Users\Tamara\.m2\repository\org\springframework\boot\spring-boot-starter-web-services\1.5.3.RELEASE\spring-boot-starter-web-services-1.5.3.RELEASE.jar
MD5: 1bfe9a7d704cb48b7ac846463dd5e69b
SHA1: 9465d5ccc939e6fbdbb0af822f5414be7b0d4979
Description: Starter for using Spring Web Services
File Path: C:\Users\Tamara\.m2\repository\org\springframework\boot\spring-boot-starter-web-services\1.5.4.RELEASE\spring-boot-starter-web-services-1.5.4.RELEASE.jar
MD5: ea6bfa7d1a785fe1c921fce3acdac2a5
SHA1: 40eb6d53642bd0f16db3cc3108233646bc9044e2
Description: Starter for building web, including RESTful, applications using Spring
MVC. Uses Tomcat as the default embedded container
File Path: C:\Users\Tamara\.m2\repository\org\springframework\boot\spring-boot-starter-web\1.5.3.RELEASE\spring-boot-starter-web-1.5.3.RELEASE.jar
MD5: cd4d64d2f32ae9193f5ec080fbba51a7
SHA1: 37469baf2a75a9d2230391a5038f49d4018d2bcc
Description: Starter for building web, including RESTful, applications using Spring
MVC. Uses Tomcat as the default embedded container
File Path: C:\Users\Tamara\.m2\repository\org\springframework\boot\spring-boot-starter-web\1.5.4.RELEASE\spring-boot-starter-web-1.5.4.RELEASE.jar
MD5: 4543018151a8d7b3b26bc114c1be0a41
SHA1: 005d6c554f34b20dffcbdfc7edf9b80956e2dace
Description: Core starter, including auto-configuration support, logging and YAML
File Path: C:\Users\Tamara\.m2\repository\org\springframework\boot\spring-boot-starter\1.5.3.RELEASE\spring-boot-starter-1.5.3.RELEASE.jar
MD5: dbed0cb5ae026c536bebed50af82b417
SHA1: 03b966d5e3d422474b7af2e73ae0d371ae02718b
Description: Core starter, including auto-configuration support, logging and YAML
File Path: C:\Users\Tamara\.m2\repository\org\springframework\boot\spring-boot-starter\1.5.4.RELEASE\spring-boot-starter-1.5.4.RELEASE.jar
MD5: cea52c15cc8e873abf367235a94a37fe
SHA1: 74d5aa641503ddd12833c82cc19b295f9f40e8fa
Description: Spring Boot Test Auto-Configure
File Path: C:\Users\Tamara\.m2\repository\org\springframework\boot\spring-boot-test-autoconfigure\1.5.3.RELEASE\spring-boot-test-autoconfigure-1.5.3.RELEASE.jar
MD5: 09e9393f9f2316ba70df15eb64e2488e
SHA1: b0469a036d8c23f1d48e1a5bf9c0443ef2aa0fc3
Description: Spring Boot Test Auto-Configure
File Path: C:\Users\Tamara\.m2\repository\org\springframework\boot\spring-boot-test-autoconfigure\1.5.4.RELEASE\spring-boot-test-autoconfigure-1.5.4.RELEASE.jar
MD5: 2ccd6fe9bfb4b70ca0c8b824d5a06d73
SHA1: 5c751eb6cfa58c86ba4ffc4c3334faf4331d5385
Description: Spring Boot Test
File Path: C:\Users\Tamara\.m2\repository\org\springframework\boot\spring-boot-test\1.5.3.RELEASE\spring-boot-test-1.5.3.RELEASE.jar
MD5: 9116aa5363615823c80f90902eaeebd1
SHA1: ad57d8bacb4fc147ded7c99806f8693855f5fe29
Description: Spring Boot Test
File Path: C:\Users\Tamara\.m2\repository\org\springframework\boot\spring-boot-test\1.5.4.RELEASE\spring-boot-test-1.5.4.RELEASE.jar
MD5: 15f1f2758643aeb2631dddd4b4ce3cfc
SHA1: a7a68089a6cf35db5587029e5c163466dadf7c5b
Description: Spring Boot
File Path: C:\Users\Tamara\.m2\repository\org\springframework\boot\spring-boot\1.5.3.RELEASE\spring-boot-1.5.3.RELEASE.jar
MD5: 36bbf6aff3f56046cf4f8ac9373886be
SHA1: 5fedde3489afd5dbd82f9122aaec4c9f6da3d564
Description: Spring Boot
File Path: C:\Users\Tamara\.m2\repository\org\springframework\boot\spring-boot\1.5.4.RELEASE\spring-boot-1.5.4.RELEASE.jar
MD5: 1720a2ed8b2f62d318c0bb9a9d19e5bf
SHA1: 0cf51bb0751c1362a417eb59824d27d2907780d2
File Path: C:\Users\Tamara\.m2\repository\org\springframework\data\spring-data-commons\1.13.3.RELEASE\spring-data-commons-1.13.3.RELEASE.jar
MD5: ba49322acc61dcd574f0277a3dd3fd76
SHA1: f8be49f9564b7b8736d8f1ebb55bbf4997c29514
File Path: C:\Users\Tamara\.m2\repository\org\springframework\data\spring-data-commons\1.13.4.RELEASE\spring-data-commons-1.13.4.RELEASE.jar
MD5: bdae258cef2314600ff8fcdf45371cae
SHA1: 1a45b99bd63449ba31963237993d4a45b9f96abc
Description: Spring Data module for JPA repositories.
File Path: C:\Users\Tamara\.m2\repository\org\springframework\data\spring-data-jpa\1.11.3.RELEASE\spring-data-jpa-1.11.3.RELEASE.jar
MD5: b924f0004504065af93052de1bd4356b
SHA1: 32394b68dd3eb580ace408c0c8b886601cc88288
Description: Spring Data module for JPA repositories.
File Path: C:\Users\Tamara\.m2\repository\org\springframework\data\spring-data-jpa\1.11.4.RELEASE\spring-data-jpa-1.11.4.RELEASE.jar
MD5: f9a6ecced5bfc3dbb8f98eeab35feb1a
SHA1: 9f559debeb095fb0040102aef37e5fee2830a470
Description: Spring Data module providing support for Apache Solr repositories.
File Path: C:\Users\Tamara\.m2\repository\org\springframework\data\spring-data-solr\2.1.4.RELEASE\spring-data-solr-2.1.4.RELEASE.jar
MD5: 8b5c6270b67720c358772443ec0b7fb5
SHA1: a3f325c470553f94778c0db53b015731b76ab499
Description: Spring AOP
License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0File Path: C:\Users\Tamara\.m2\repository\org\springframework\spring-aop\4.3.8.RELEASE\spring-aop-4.3.8.RELEASE.jar
Description: Spring AOP
License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0File Path: C:\Users\Tamara\.m2\repository\org\springframework\spring-aop\4.3.9.RELEASE\spring-aop-4.3.9.RELEASE.jar
Description: Spring Aspects
License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0File Path: C:\Users\Tamara\.m2\repository\org\springframework\spring-aspects\4.3.8.RELEASE\spring-aspects-4.3.8.RELEASE.jar
Description: Spring Aspects
License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0File Path: C:\Users\Tamara\.m2\repository\org\springframework\spring-aspects\4.3.9.RELEASE\spring-aspects-4.3.9.RELEASE.jar
Description: Spring Beans
License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0File Path: C:\Users\Tamara\.m2\repository\org\springframework\spring-beans\4.3.8.RELEASE\spring-beans-4.3.8.RELEASE.jar
Description: Spring Beans
License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0File Path: C:\Users\Tamara\.m2\repository\org\springframework\spring-beans\4.3.9.RELEASE\spring-beans-4.3.9.RELEASE.jar
Description: Spring Context
License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0File Path: C:\Users\Tamara\.m2\repository\org\springframework\spring-context\4.3.8.RELEASE\spring-context-4.3.8.RELEASE.jar
Description: Spring Context
License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0File Path: C:\Users\Tamara\.m2\repository\org\springframework\spring-context\4.3.9.RELEASE\spring-context-4.3.9.RELEASE.jar
Description: Spring Core
License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0File Path: C:\Users\Tamara\.m2\repository\org\springframework\spring-core\4.3.8.RELEASE\spring-core-4.3.8.RELEASE.jar
Description: Spring Core
License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0File Path: C:\Users\Tamara\.m2\repository\org\springframework\spring-core\4.3.9.RELEASE\spring-core-4.3.9.RELEASE.jar
Description: Spring Expression Language (SpEL)
License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0File Path: C:\Users\Tamara\.m2\repository\org\springframework\spring-expression\4.3.8.RELEASE\spring-expression-4.3.8.RELEASE.jar
Description: Spring Expression Language (SpEL)
License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0File Path: C:\Users\Tamara\.m2\repository\org\springframework\spring-expression\4.3.9.RELEASE\spring-expression-4.3.9.RELEASE.jar
Description: Spring JDBC
License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0File Path: C:\Users\Tamara\.m2\repository\org\springframework\spring-jdbc\4.3.8.RELEASE\spring-jdbc-4.3.8.RELEASE.jar
Description: Spring JDBC
License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0File Path: C:\Users\Tamara\.m2\repository\org\springframework\spring-jdbc\4.3.9.RELEASE\spring-jdbc-4.3.9.RELEASE.jar
Description: Spring Object/Relational Mapping
License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0File Path: C:\Users\Tamara\.m2\repository\org\springframework\spring-orm\4.3.8.RELEASE\spring-orm-4.3.8.RELEASE.jar
Description: Spring Object/Relational Mapping
License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0File Path: C:\Users\Tamara\.m2\repository\org\springframework\spring-orm\4.3.9.RELEASE\spring-orm-4.3.9.RELEASE.jar
Description: Spring Object/XML Marshalling
License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0File Path: C:\Users\Tamara\.m2\repository\org\springframework\spring-oxm\4.3.8.RELEASE\spring-oxm-4.3.8.RELEASE.jar
Description: Spring Object/XML Marshalling
License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0File Path: C:\Users\Tamara\.m2\repository\org\springframework\spring-oxm\4.3.9.RELEASE\spring-oxm-4.3.9.RELEASE.jar
Description: Spring TestContext Framework
License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0File Path: C:\Users\Tamara\.m2\repository\org\springframework\spring-test\4.3.8.RELEASE\spring-test-4.3.8.RELEASE.jar
Description: Spring TestContext Framework
License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0File Path: C:\Users\Tamara\.m2\repository\org\springframework\spring-test\4.3.9.RELEASE\spring-test-4.3.9.RELEASE.jar
Description: Spring Transaction
License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0File Path: C:\Users\Tamara\.m2\repository\org\springframework\spring-tx\4.3.8.RELEASE\spring-tx-4.3.8.RELEASE.jar
Description: Spring Transaction
License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0File Path: C:\Users\Tamara\.m2\repository\org\springframework\spring-tx\4.3.9.RELEASE\spring-tx-4.3.9.RELEASE.jar
Description: Spring Web
License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0File Path: C:\Users\Tamara\.m2\repository\org\springframework\spring-web\4.3.8.RELEASE\spring-web-4.3.8.RELEASE.jar
Description: Spring Web
License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0File Path: C:\Users\Tamara\.m2\repository\org\springframework\spring-web\4.3.9.RELEASE\spring-web-4.3.9.RELEASE.jar
Description: Spring Web MVC
License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0File Path: C:\Users\Tamara\.m2\repository\org\springframework\spring-webmvc\4.3.8.RELEASE\spring-webmvc-4.3.8.RELEASE.jar
Description: Spring Web MVC
License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0File Path: C:\Users\Tamara\.m2\repository\org\springframework\spring-webmvc\4.3.9.RELEASE\spring-webmvc-4.3.9.RELEASE.jar
Description: Spring WS Core
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\org\springframework\ws\spring-ws-core\2.4.0.RELEASE\spring-ws-core-2.4.0.RELEASE.jar
Description: Spring XML
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\org\springframework\ws\spring-xml\2.4.0.RELEASE\spring-xml-2.4.0.RELEASE.jar
Description: This project provides an API to analyse class dependencies
License:
Apache License 2: http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\org\vafer\jdependency\0.7\jdependency-0.7.jar
Description: YAML 1.1 parser and emitter for Java
License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txtFile Path: C:\Users\Tamara\.m2\repository\org\yaml\snakeyaml\1.17\snakeyaml-1.17.jar
Description: Java stub generator for WSDL
License:
CPL: http://www.opensource.org/licenses/cpl1.0.txtFile Path: C:\Users\Tamara\.m2\repository\wsdl4j\wsdl4j\1.6.3\wsdl4j-1.6.3.jar
File Path: C:\Users\Tamara\.m2\repository\com\sun\xml\bind\jaxb-core\2.2.7\jaxb-core-2.2.7.jar\META-INF/maven/com.sun.xml.txw2/txw2/pom.xml
MD5: cf4b1041a961856b9c0a5c3846c602fe
SHA1: 145b0c8dc9d0205ea46c44a3be6c1911d4e30e81
Description: The core functionality of the CodeModel java source code generation library
File Path: C:\Users\Tamara\.m2\repository\com\sun\xml\bind\jaxb-xjc\2.2.7\jaxb-xjc-2.2.7.jar\META-INF/maven/com.sun.codemodel/codemodel/pom.xml
MD5: cb3ef5421d53f8e82462067161f2c443
SHA1: 14713e5f64df609081c58e1d3170db8c500a1f1a
File Path: C:\Users\Tamara\.m2\repository\com\sun\xml\bind\jaxb-xjc\2.2.7\jaxb-xjc-2.2.7.jar\META-INF/maven/com.sun.istack/istack-commons-tools/pom.xml
MD5: 789273b3a18fe3379887305fcd70a8fc
SHA1: ea8643a9daf54ccb792c5312aec496add5472e48
Description: SAX-like API for parsing XML DTDs.
License:
CDDL v1.1 / GPL v2 dual license: http://glassfish.java.net/public/CDDL+GPL_1_1.htmlFile Path: C:\Users\Tamara\.m2\repository\com\sun\xml\bind\jaxb-xjc\2.2.7\jaxb-xjc-2.2.7.jar\META-INF/maven/com.sun.xml.dtd-parser/dtd-parser/pom.xml
Description: XML Schema Object Model (XSOM) is a Java library that allows applications to easily parse XML Schema documents and inspect information in them. It is expected to be useful for applications that need to take XML Schema as an input.
License:
CDDL v1.1 / GPL v2 dual license: http://glassfish.java.net/public/CDDL+GPL_1_1.htmlFile Path: C:\Users\Tamara\.m2\repository\com\sun\xml\bind\jaxb-xjc\2.2.7\jaxb-xjc-2.2.7.jar\META-INF/maven/com.sun.xsom/xsom/pom.xml
Description: RNGOM is an open-source Java library for parsing RELAX NG grammars.
License:
The MIT License: http://www.opensource.org/licenses/mit-license.phpFile Path: C:\Users\Tamara\.m2\repository\com\sun\xml\bind\jaxb-xjc\2.2.7\jaxb-xjc-2.2.7.jar\META-INF/maven/org.kohsuke.rngom/rngom/pom.xml
Description:
The Commons IO library contains utility classes, stream implementations, file filters,
file comparators, endian transformation classes, and much more.
File Path: C:\Users\Tamara\.m2\repository\org\apache\maven\shared\maven-shared-utils\0.1\maven-shared-utils-0.1.jar\META-INF/maven/commons-io/commons-io/pom.xml
MD5: 8dcc8cd4255c1f23e7f58780a943cefb
SHA1: 1ef24807b2eaf9d51b5587710878146d630cc855
File Path: C:\Users\Tamara\.m2\repository\org\assertj\assertj-core\2.6.0\assertj-core-2.6.0.jar\META-INF/maven/cglib/cglib-nodep/pom.xml
MD5: 425b3e01685d013cbc5b431afc582104
SHA1: 3d0aad1cd07c4754588acbdb8561e367e457cc1d
File Path: C:\Users\Tamara\.m2\repository\org\assertj\assertj-core\2.6.0\assertj-core-2.6.0.jar\META-INF/maven/cglib/cglib/pom.xml
MD5: 072045d2914c647e8e37e8c4b387aaf0
SHA1: 23e1de8e375b571cb6c40ef93f04578abc23dfcb